CVE-2026-10806 mjperpinosa stumasy add_post.php unrestricted upload

A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/addpost.php. Performing a manipulation of the argument upfiletopost results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

EUVD-2026-34252

A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/addpost.php. Performing a manipulation of the argument upfiletopost results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

CVE-2022-50944

Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through the image parameter. Attackers can upload PHP files with embedded code to the admin posts.php endpoint with source=addpost parameter, a...

CVE-2022-50944 Aero CMS 0.0.1 PHP Code Injection via posts.php

Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through the image parameter. Attackers can upload PHP files with embedded code to the admin posts.php endpoint with source=addpost parameter, a...

PT-2026-1421

Name of the Vulnerable Software and Affected Versions The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress versions through 3.41.0 Description The software contains a flaw that allows unauthorized modification of data. Specifically, a missing capability check...

CVE-2025-12330

A security flaw has been discovered in Willow CMS up to 1.4.0. This issue affects some unknown processing of the file /admin/articles/add of the component Add Post Page. The manipulation of the argument title/body results in cross site scripting. The attack may be launched remotely. The exploit h...

CVE-2025-12330

A security flaw has been discovered in Willow CMS up to 1.4.0. This issue affects some unknown processing of the file /admin/articles/add of the component Add Post Page. The manipulation of the argument title/body results in cross site scripting. The attack may be launched remotely. The exploit h...

CVE-2025-12330 Willow CMS Add Post add cross site scripting

A security flaw has been discovered in Willow CMS up to 1.4.0. This issue affects some unknown processing of the file /admin/articles/add of the component Add Post Page. The manipulation of the argument title/body results in cross site scripting. The attack may be launched remotely. The exploit h...

CVE-2025-12330

CVE-2025-12330 affects Willow CMS up to 1.4.0. The vulnerability stems from improper handling of parameters in /admin/articles/add (Add Post Page), where manipulation of title/body leads to cross-site scripting. Exploitation can be remote, and public exploits exist. Impact is limited to the descr...

CVE-2025-12330 Willow CMS Add Post add cross site scripting

A security flaw has been discovered in Willow CMS up to 1.4.0. This issue affects some unknown processing of the file /admin/articles/add of the component Add Post Page. The manipulation of the argument title/body results in cross site scripting. The attack may be launched remotely. The exploit h...

PT-2025-44057

Name of the Vulnerable Software and Affected Versions Willow CMS versions prior to 1.4.1 Description A security flaw exists in Willow CMS that allows for cross site scripting. The issue is related to the processing of the file '/admin/articles/add' within the Add Post Page component. Manipulation...

CVE-2022-30813

elitecms 1.01 is vulnerable to SQL Injection via /admin/addpost.php...

CVE-2021-25203

Arbitrary file upload vulnerability in Victor CMS v 1.0 allows attackers to execute arbitrary code via the file upload to \CMSsite-master\admin\includes\adminaddpost.php...

CVE-2025-44885

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the remoteip parameter in the websnmpv3remoteengineIdaddpost function...

PLANET FW-WGS-804HPT 安全漏洞

Planet FW-WGS-804HPT is a wall mounted managed switch from China PLANET. The Planet FW-WGS-804HPT suffers from a buffer overflow vulnerability that originates from the hostip parameter in the websnmpnotifyv3addpost function failing to correctly validate the length of the input data, which can be...

CVE-2024-33442

An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the addpost.php component...

CVE-2023-37165

Millhouse-Project v1.414 was discovered to contain a remote code execution RCE vulnerability via the component /addpostsql.php...

CVE-2023-37165

Millhouse-Project v1.414 was discovered to contain a remote code execution RCE vulnerability via the component /addpostsql.php...

Millhouse-Project SQL注入漏洞

Millhouse-Project is a blog page for the individual developer Thérèse Scott Rossi. A security vulnerability exists in Millhouse-Project version 1.414, which stems from a Remote Code Execution RCE vulnerability in component/addpostsql.php...

PT-2023-25814 · Unknown · Millhouse-Project

Name of the Vulnerable Software and Affected Versions: Millhouse-Project version 1.414 Description: A remote code execution issue was found in the component /add post sql.php, allowing for potential code execution. Recommendations: For Millhouse-Project version 1.414, consider restricting access ...