2172 matches found
CVE-2025-2396
The CVE-2025-2396 entry concerns the U-Office Force product by e-Excellence. The vulnerability is an Arbitrary File Upload that allows remote attackers with regular privileges to upload and execute a Web Shell backdoor, enabling arbitrary code execution on the server. Documented impact is High (C...
e-Excellence U-Office Force 代码问题漏洞
e-Excellence U-Office Force is an e-Office platform from China's First Class Technology e-Excellence. A code issue vulnerability exists in e-Excellence U-Office Force, which originates from an arbitrary file upload and could allow a remote attacker to upload and execute a Web Shell backdoor to...
Exploit for CVE-2025-28915
CVE-2025-28915 Vulnerability Description: WordPress is a bl...
CVE-2025-28915
Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit themeegg-toolkit allows Upload a Web Shell to a Web Server.This issue affects ThemeEgg ToolKit: from n/a through = 1.2.9...
CVE-2025-28915
Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit themeegg-toolkit allows Upload a Web Shell to a Web Server.This issue affects ThemeEgg ToolKit: from n/a through = 1.2.9...
CVE-2025-28915 WordPress ThemeEgg ToolKit plugin <= 1.2.9 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit themeegg-toolkit allows Upload a Web Shell to a Web Server.This issue affects ThemeEgg ToolKit: from n/a through = 1.2.9...
CVE-2025-28915
ThemeEgg ToolKit (WordPress)
CVE-2025-28915 WordPress ThemeEgg ToolKit plugin <= 1.2.9 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit themeegg-toolkit allows Upload a Web Shell to a Web Server.This issue affects ThemeEgg ToolKit: from n/a through = 1.2.9...
CVE-2024-51319
A local file include vulnerability in the /servlet/Report of Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution by uploading a jsp web/reverse shell through /jsp/zimgupload.jsp...
CVE-2024-51319
A local file include vulnerability in the /servlet/Report of Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution by uploading a jsp web/reverse shell through /jsp/zimgupload.jsp...
CVE-2024-51319
CVE-2024-51319 : A local file inclusion in Zucchetti Ad Hoc Infinity 2.4’s /servlet/Report, exploited by uploading a JSP web/reverse shell through /jsp/zimg_upload.jsp, allows an authenticated attacker to achieve Remote Code Execution. The vulnerability is locally exploitable with LOW user intera...
Resto - Single Vendor Online Food Ordering Shell Upload Vulnerability
Title: Resto - Single Vendor Online Food Ordering - Authenticated RCE Description: Resto Single Vendor Online Source URL: https://res.newmedilife.in/admin Source Name/Email: Mehmet Can Kadıoğlu a.k.a mao7un CVEs: N/A Software URL:...
ZENworks Configuration Management 11.1a Shell Upload
ZENworks Configuration Management version 11.1a suffers from a remote shell upload vulnerability. ============================================================================================================================================= | Title : ZENworks Configuration Management 11.1a PHP Cod...
The SOC files: Chasing the web shell
Web shells have evolved far beyond their original purpose of basic remote command execution, and many now function more like lightweight exploitation frameworks. These tools often include features such as in-memory module execution and encrypted command-and-control C2 communication, giving...
CVE-2025-26776
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload a Web Shell to a Web Server. This issue affects Chaty Pro: from n/a through 3.3.3...
CVE-2025-26776
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload a Web Shell to a Web Server. This issue affects Chaty Pro: from n/a through 3.3.3...
CVE-2025-26776 WordPress Chaty Pro Plugin <= 3.3.3 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload a Web Shell to a Web Server. This issue affects Chaty Pro: from n/a through 3.3.3...
CVE-2025-26776
CVE-2025-26776 affects WordPress Chaty Pro plugin versions n/a through 3.3.3. The root cause is an Unrestricted Upload of File with Dangerous Type, enabling an attacker to upload a Web Shell to the web server. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) indicates a remote, unauthent...
CVE-2025-26776 WordPress Chaty Pro Plugin <= 3.3.3 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload a Web Shell to a Web Server. This issue affects Chaty Pro: from n/a through 3.3.3...
WordPress plugin Chaty Pro 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...