Avaya Aura Device Services - OS Command Injection

An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier. id: CVE-2023-3722 info: name:...

EUVD-2026-31863

Algernon is a small self-contained pure-Go web server. Prior to 1.17.6, uploadedFileSaveIn in lua/upload/upload.go uses filepath.Join with the caller-supplied directory but performs no boundary check after joining. A directory of ../../../tmp resolves cleanly to /tmp, outside the web root. This...

Path Traversal

Open WebUI is vulnerable to Path Traversal. The vulnerability is due to improper validation and sanitization of uploaded file names derived from HTTP upload requests, which allows an attacker to upload files with crafted dot-segments and traverse outside the intended uploads directory, potentiall...

CVE-2026-7847

A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function getfileid of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently rando...

Insecure Randomness

Overview langchain-chatchat is a Langchain-Chatchat formerly langchain-ChatGLM, local knowledge based LLM like ChatGLM, Qwen and Llama RAG and Agent app with langchain Affected versions of this package are vulnerable to Insecure Randomness via the getfileid function in the Uploaded File Handler...

CVE-2026-7847

A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function getfileid of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently rando...

CVE-2026-7847 chatchat-space Langchain-Chatchat Uploaded File openai_routes.py _get_file_id random values

A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function getfileid of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently rando...

CVE-2026-7847

CVE-2026-7847 affects chatchat-space Langchain-Chatchat up to v0.3.1.3. The vulnerability is in the function _get_file_id within libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the Uploaded File Handler. Manipulation leads to insufficiently random values, with local-network ac...

CVE-2026-7847 chatchat-space Langchain-Chatchat Uploaded File openai_routes.py _get_file_id random values

A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function getfileid of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently rando...

LangChain-Chatchat 加密问题漏洞

LangChain-Chatchat is a chatbot software developed based on the LangChain framework, open-sourced by Chatchat-Space. Versions of LangChain-Chatchat 0.3.1.3 and earlier had an encryption vulnerability. This vulnerability stems from a function in the Uploaded File Handler component, specifically th...

EUVD-2026-19398

A vulnerability was found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This issue affects the function moveuploadedfile of the file /AssignmentSection/submission/upload.php. Performing a manipulation of the argument File results in unrestricted upload. Th...

CVE-2026-5670

A vulnerability was found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This issue affects the function moveuploadedfile of the file /AssignmentSection/submission/upload.php. Performing a manipulation of the argument File results in unrestricted upload. Th...

CVE-2026-5670 Cyber-III Student-Management-System upload.php move_uploaded_file unrestricted upload

A vulnerability was found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This issue affects the function moveuploadedfile of the file /AssignmentSection/submission/upload.php. Performing a manipulation of the argument File results in unrestricted upload. Th...

CVE-2026-33370

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A stored cross-site scripting XSS vulnerability exists in the Zimbra Briefcase feature due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious...

PT-2026-26614

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A stored cross-site scripting XSS vulnerability exists in the Zimbra Briefcase feature due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious...

RealtyScript 跨站脚本漏洞

RealtyScript is a real estate website management system developed by RealtyScript Inc. Version 4.0.2 of RealtyScript contains a cross-site scripting vulnerability. This vulnerability stems from improper cleanup of uploaded files, which may allow attackers to store malicious scripts through the fi...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to the nohtml configuration option not applying to SVG files. An attacker can execute arbitrary JavaScript code in the context of the user who opens a malicious SVG by uploading a crafted SVG file containing...

Input Validation Bypass

ai is vulnerable to Input Validation Bypass. The vulnerability is due to improper validation of uploaded file types, which allows an attacker to bypass filetype whitelists and upload unauthorized files...

CVE-2026-28289

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. A patch bypass vulnerability for CVE-2026-27636 in FreeScout 1.8.206 and earlier allows any authenticated user with file upload permissions to achieve Remote Code Execution RCE on the server by uploading a maliciou...

CVE-2026-28289

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. A patch bypass vulnerability for CVE-2026-27636 in FreeScout 1.8.206 and earlier allows any authenticated user with file upload permissions to achieve Remote Code Execution RCE on the server by uploading a maliciou...