CVE-2026-5439

A memory exhaustion vulnerability exists in ZIP archive processing. Orthanc automatically extracts ZIP archives uploaded to certain endpoints and trusts metadata fields describing the uncompressed size of archived files. An attacker can craft a small ZIP archive containing a forged size value,...

CVE-2018-9037

Monstra CMS 3.0.4 allows remote code execution via an uploadfile request for a .zip file, which is automatically extracted and may contain .php files...

ariacms 系统后台任意文件上传漏洞

试了几次上传点都是失败，后来发现这里可以传压缩包。发现上传点。数据库必须以cbd3d20160112hnX8NP1.php这样命名。否则会提示恢复失败 恢复数据库，命名好的php会自动解压。直接解压到wwwroot/admin/databack/sql目录内，运行即可。...