CVE-2023-51643

Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...

Nanjing Xingyuantu Technology SparkShop Code Issue Vulnerability

Nanjing Xingyuantu Technology SparkShop is an open source shopping mall from Nanjing Xingyuantu Technology, a Chinese company. A code issue vulnerability exists in Nanjing Xingyuantu Technology SparkShop 1.1.6 and earlier versions, which stems from the parameter file in the file...

PT-2024-15924 · Beijing Baichuo · Beijing Baichuo Smart S210 Management Platform

Name of the Vulnerable Software and Affected Versions: Beijing Baichuo Smart S210 Management Platform versions up to 20240117 Description: A critical vulnerability has been found in the Beijing Baichuo Smart S210 Management Platform. The issue affects the file /Tool/uploadfile.php, where the...

CVE-2023-6576

A vulnerability was found in Byzoro S210 up to 20231123. It has been declared as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php of the component HTTP POST Request Handler. The manipulation of the argument fileupload leads to unrestricted upload. The attack can ...

CVE-2023-3625

A vulnerability classified as critical was found in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230706. This vulnerability affects unknown code of the file /Duty/AjaxHandle/Write/UploadFile.ashx of the component Duty Write-UploadFile. The manipulation ...

KiteCMS 代码问题漏洞

KiteCMS is a content management system based on think php. An arbitrary file upload vulnerability exists in /admin/upload/uploadfile in KiteCMS version 1.1. An attacker can exploit the vulnerability getshell via a specially crafted PHP file...