8 matches found
CVE-2025-13573
A security flaw has been discovered in projectworlds can pass malicious payloads up to 1.0. This vulnerability affects unknown code of the file /addbook.php. The manipulation of the argument image results in unrestricted upload. The attack can be executed remotely. The exploit has been released t...
CVE-2025-13573
A security flaw has been discovered in projectworlds can pass malicious payloads up to 1.0. This vulnerability affects unknown code of the file /addbook.php. The manipulation of the argument image results in unrestricted upload. The attack can be executed remotely. The exploit has been released t...
CVE-2025-13573 projectworlds can pass malicious payloads add_book.php unrestricted upload
A security flaw has been discovered in projectworlds can pass malicious payloads up to 1.0. This vulnerability affects unknown code of the file /addbook.php. The manipulation of the argument image results in unrestricted upload. The attack can be executed remotely. The exploit has been released t...
CVE-2025-13573
CVE-2025-13573 concerns a vulnerability in Projectworlds’ add_book.php where manipulating the image parameter enables unrestricted file uploads. The issue is in unknown code for /add_book.php and is exploitable remotely, with public exploits available. The provided documents do not specify affect...
EUVD-2018-6580
Malware in sbrugna...
CVE-2018-14686
system/editbook.php in XYCMS 1.7 has stored XSS via a crafted adddo.php request, related to addbook.php...
Cross site scripting
system/editbook.php in XYCMS 1.7 has stored XSS via a crafted adddo.php request, related to addbook.php...
xycms add_book.php sql injection vulnerability
No description provided by source...