8 matches found
EUVD-2006-6238
Malware in sbrugna...
EUVD-2023-52317
Malicious code in bioql PyPI...
CVE-2024-12374 Stored XSS in automatic1111/stable-diffusion-webui
A stored cross-site scripting (XSS) vulnerability exists in automatic1111/stable-diffusion-webui version git 82a973c. An attacker can upload an HTML file, which the application interprets as content-type application/html. If a victim accesses the malicious link, it will execute arbitrary JavaScript...
CVE-2024-10238
A security issue exists in the firmware image verification implementation at Supermicro MBD-X12DPG-OA6. An attacker can upload a specially crafted image that will cause a stack overflow, which is caused by not checking fld-usedbytes...
BIT-ESPOCRM-2023-5966
An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the extension deployment form, which could lead to arbitrary PHP code execution...
CVE-2022-31483
An authenticated attacker can upload a file with a filename including “..” and “/” to achieve the ability to upload the desired file anywhere on the filesystem. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contai...
Incomcms code issue vulnerability
Incomcms is a website builder for individual developers. A file upload vulnerability exists in IncomCMS version 2.0, which originates from an unsafe file upload in modules/uploader/showcase/script.php. An attacker can exploit this vulnerability to upload files to the server...
CVE-2019-4069
IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not properly validate file types, allowing an attacker to upload malicious content. IBM X-Force ID: 157014...