23 matches found
EUVD-2024-34772
Malicious code in bioql PyPI...
EUVD-2023-23647
Malicious code in bioql PyPI...
EUVD-2023-35530
Malicious code in bioql PyPI...
EUVD-2025-14157
Malicious code in bioql PyPI...
EUVD-2024-17021
Malicious code in bioql PyPI...
EUVD-2025-15690
Malicious code in bioql PyPI...
EUVD-2022-29047
Malicious code in bioql PyPI...
EUVD-2024-48160
Malicious code in bioql PyPI...
EUVD-2025-22848
Malicious code in bioql PyPI...
CVE-2025-8128
A vulnerability, which was classified as critical, has been found in zhousg letao up to 7d8df0386a65228476290949e0413de48f7fbe98. This issue affects some unknown processing of the file routes\bf\product.js. The manipulation of the argument pictrdtz leads to unrestricted upload. The attack may be...
CVE-2025-7877
CVE-2025-7877 affects Metasoft MetaCRM up to version 6.4.2. The issue is an unrestricted file upload caused by manipulation of the File argument in the processing of sendfile.jsp, enabling remote attacks. Exploit has been publicly disclosed. A fix/patch availability is not documented in the provi...
CVE-2025-7755 code-projects Online Ordering System edit_product.php unrestricted upload
A vulnerability was found in code-projects Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/editproduct.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The explo...
CVE-2025-7538
The CVE-2025-7538 entry describes a critical unrestricted upload vulnerability in Campcodes Sales and Inventory System 1.0. It affects unknown code within the file /pages/product_update.php where manipulating the image argument enables remote exploitation. The exploit has been publicly disclosed,...
CVE-2024-13138
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been declared as critical. This vulnerability affects the function upload of the file src/main/java/com/mysiteform/admin/service/ipl/LocalUploadServiceImpl. The manipulation of the argument test leads to unrestricted upload. The attac...
CVE-2023-5034
A vulnerability classified as problematic was found in SourceCodester My Food Recipe 1.0. This vulnerability affects unknown code of the file index.php of the component Image Upload Handler. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been...
CVE-2023-1328
A vulnerability was found in Guizhou 115cms 4.2. It has been classified as problematic. Affected is an unknown function of the file /admin/content/index. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m...
CVE-2025-4291
IdeaCMS up to version 1.6 is affected by a vulnerability in the saveUpload function that allows unrestricted file uploads. The issue enables remote exploitation and has publicly disclosed exploit information. Connected sources corroborate the vulnerability in saveUpload and describe it as critica...
CVE-2025-3324 godcheese/code-projects Nimrod FileRestController.java unrestricted upload
A vulnerability, which was classified as critical, has been found in godcheese/code-projects Nimrod 0.8. Affected by this issue is some unknown functionality of the file FileRestController.java. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotel...
CVE-2025-1834
A vulnerability, which was classified as critical, was found in zj1983 zz up to 2024-8. This affects an unknown part of the file /resolve. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the publ...
CVE-2025-0402 1902756969 reggie CommonController.java upload unrestricted upload
A vulnerability classified as critical was found in 1902756969 reggie 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/itheima/reggie/controller/CommonController.java. The manipulation of the argument file leads to unrestricted upload. The attack can be...