CVE-2025-2031

A vulnerability classified as critical has been found in ChestnutCMS up to 1.5.2. This affects the function uploadFile of the file /dev-api/cms/file/upload. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...

Malicious code in @kamotive/api-file-upload (npm)

--- -= Per source details. Do not edit below this line.=-...

GHSA-6CWV-WJ7V-73XP Magento executes code via the API File Option Upload Extension

Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper input validation vulnerability in the API File Option Upload Extension. An attacker with Admin privileges can achieve unrestricted file upload which can result in remote code...

Fedora 10 : drupal-6.14-1.fc10 (2009-9751)

Fixes SA-CORE-2009-008 http://drupal.org/node/579482 Remember to log in to your site as the admin user before upgrading this package. After upgrading the package, browse to http://host/drupal/update.php to run the upgrade script. Multiple vulnerabilities and weaknesses were discovered in Drupal...