107 matches found
CVE-2024-7863 Favicon Generator < 2.1 - Arbitrary File Upload via CSRF
The Favicon Generator CLOSED WordPress plugin before 2.1 does not validate files to be uploaded and does not have CSRF checks, which could allow attackers to make logged in admin upload arbitrary files such as PHP on the server...
ELECOM WRC-2533GS2V-B、WRC-2533GS2-B和WRC-2533GS2-W 安全漏洞
ELECOM WRC-2533GS2V-B and others are a wireless router from ELECOM Japan. A security vulnerability exists in v1.68 and earlier versions of the ELECOM WRC-2533GS2V-B, WRC-2533GS2-B, and WRC-2533GS2-W. The vulnerability stems from the possibility that a logged-in user with administrative privileges...
WordPress WP eMember plugin < 10.6.6 - Admin+ Arbitrary File Upload vulnerability
Admin+ Arbitrary File Upload vulnerability discovered by Bob Matyas in WordPress Plugin WP eMember versions 10.6.6...
Aimeos Security Breach
Aimeos is an open source e-commerce framework for online stores from Aimeos Open Source. A security vulnerability exists in versions of Aimeos prior to 2024.04.5, which originates from a user with administrative privileges being able to upload files that look like images but contain PHP code that...
CVE-2024-3736 cym1102 nginxWebUI upload unrestricted upload
A vulnerability was found in cym1102 nginxWebUI up to 3.9.9. It has been declared as problematic. Affected by this vulnerability is the function upload of the file /adminPage/main/upload. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been...
PT-2024-27516 · Unknown · Cym1102 Nginxwebui
Name of the Vulnerable Software and Affected Versions: cym1102 nginxWebUI versions up to 3.9.9 Description: A critical vulnerability was found in the cym1102 nginxWebUI, affecting unknown code of the file /adminPage/main/upload. The manipulation of the argument file leads to os command injection...
PT-2023-32798 · Saysky · Sayski Forestblog
Name of the Vulnerable Software and Affected Versions: saysky ForestBlog up to 20220630 Description: A critical issue has been found in the Image Upload Handler component, affecting the /admin/upload/img file. The manipulation of the filename argument leads to unrestricted upload. This issue can ...
ForestBlog 代码问题漏洞
ForestBlog is an application, a personal blog. An arbitrary file upload vulnerability exists in ForestBlog 20220630 and earlier versions, which stems from a lack of valid validation of the uploaded file by the parameter filename in the file /admin/upload/img. An attacker can exploit this...
PT-2023-31020 · Unknown · Thinkadmin
Name of the Vulnerable Software and Affected Versions: ThinkAdmin version 6.1.53 Description: An arbitrary file upload issue in the /admin/api.upload/file component allows attackers to execute arbitrary code via a crafted Zip file. Recommendations: For ThinkAdmin version 6.1.53, consider disablin...
Schneider Electric StruxureWare Data Center Expert 代码注入漏洞
Schneider Electric StruxureWare Data Center Expert StruxureWare Data Center Management Expert is a monitoring software from the French company Schneider Electric Schneider Electric. Suitable for a variety of organizations to monitor their company-wide power, cooling, security, environment. A code...
Bludit 代码问题漏洞
Bludit is an open source lightweight blog content management system CMS. A security vulnerability exists in Bludit version 3.9.2, which stems from vulnerability to Remote Code Execution RCE attacks via /admin/ajax/upload-images...
CVE-2023-33601
An arbitrary file upload vulnerability in /admin.php?c=upload of phpok v6.4.100 allows attackers to execute arbitrary code via a crafted PHP file...
PHPOK 代码问题漏洞
PHPOK is an enterprise building system that supports expansion. PHPOK version 6.4.100 suffers from an arbitrary file upload vulnerability, which stems from admin.php?c=upload&f=zip&noCache=0.1683794968 lack of valid validation of the uploaded file. An attacker can exploit this vulnerability to...
CVE-2023-1398
A vulnerability classified as critical was found in XiaoBingBy TeaCMS 2.0. Affected by this vulnerability is an unknown functionality of the file /admin/upload. The manipulation leads to path traversal: '../filedir'. The attack can be launched remotely. The exploit has been disclosed to the publi...
PT-2023-16955 · Unknown · Xiaobingby Teacms
Name of the Vulnerable Software and Affected Versions: XiaoBingBy TeaCMS version 2.0 Description: A critical vulnerability was found in XiaoBingBy TeaCMS, affecting an unknown functionality of the file /admin/upload. The manipulation leads to path traversal: '../filedir'. The attack can be launch...
XiaoBingBy TeaCMS 路径遍历漏洞
XiaoBingBy TeaCMS is a blog system by xiaobingby personal developer. A security vulnerability exists in XiaoBingBy TeaCMS version 2.0, which stems from a problem with the file /admin/upload, which can lead to a path traversal vulnerability...
PT-2022-24793 · Unknown · College Management System
Name of the Vulnerable Software and Affected Versions: College Management System version 1.0 Description: The issue allows an admin user to upload a .php file containing malicious code via the student.php file, potentially leading to remote code execution. The authentication required for this...
74cms 代码问题漏洞
XUNYI TECHNOLOGY 74cms is a PHP and MySQL based online recruitment system from China Xunyi Technology Company. A security vulnerability exists in version 74cmsSE v3.13.0, which stems from the /apiadmin/upload/attach component that allows an attacker to upload arbitrary files, resulting in the...
PT-2022-26287 · 74Cmsse · 74Cmsse
Name of the Vulnerable Software and Affected Versions: 74cmsSE version 3.13.0 Description: An arbitrary file upload issue in the "/api/admin/upload/attach" API endpoint allows attackers to execute arbitrary code via a crafted PHP file. Recommendations: For 74cmsSE version 3.13.0, consider disabli...
CVE-2022-2438
The Broken Link Checker plugin for WordPress is vulnerable to deserialization of untrusted input via the '$logfile' value in versions up to, and including 1.11.16. This makes it possible for authenticated attackers with administrative privileges and above to call files using a PHAR wrapper that...