50 matches found
CyreneAdmin Path Traversal Vulnerability
CyreneAdmin is a backend management system developed by CoCoTea’s individual developers. Versions of CyreneAdmin prior to 1.3.0 contained a path traversal vulnerability. This vulnerability stemmed from incorrect handling of the parameter “Avatar” in files/api/system/user/getAvatar, which could le...
EUVD-2007-3823
Malware in sbrugna...
EUVD-2020-23111
Malware in sbrugna...
EUVD-2007-3822
Malware in sbrugna...
EUVD-2009-1071
Malware in sbrugna...
CVE-2025-4012
A vulnerability was found in playeduxyz PlayEdu 开源培训系统 up to 1.8 and classified as problematic. This issue affects some unknown processing of the file /api/backend/v1/user/create of the component User Avatar Handler. The manipulation of the argument Avatar leads to server-side request forgery. Th...
PlayEdu Code Issue Vulnerability
PlayEdu is an industry-leading online training solution from the China PlayEdu team. A code issue vulnerability exists in PlayEdu 1.8 and earlier versions, which stems from a server-side request forgery due to incorrect operation of the parameter Avatar in the file /api/backend/v1/user/create...
CVE-2025-3783
A vulnerability classified as critical was found in SourceCodester Web-based Pharmacy Product Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-product.php. The manipulation of the argument Avatar leads to unrestricted upload. The attack can be...
SourceCodester Web-based Pharmacy Product Management System Security Vulnerability
SourceCodester Web-based Pharmacy Product Management System is a SourceCodester open source Web-based pharmacy product management system. A security vulnerability exists in version 1.0 of the SourceCodester Web-based Pharmacy Product Management System, which is caused by an unrestricted upload du...
SourceCodester Web-based Pharmacy Product Management System Code Issue Vulnerability
SourceCodester Web-based Pharmacy Product Management System is a SourceCodester open source Web-based pharmacy product management system. A code issue vulnerability exists in version 1.0 of the SourceCodester Web-based Pharmacy Product Management System, which stems from insufficient validation o...
SourceCodester Web-based Pharmacy Product Management System Code Issue Vulnerability
SourceCodester Web-based Pharmacy Product Management System is a SourceCodester open source Web-based pharmacy product management system. A code issue vulnerability exists in version 1.0 of the SourceCodester Web-based Pharmacy Product Management System, which stems from insufficient validation o...
SourceCodester Web-based Pharmacy Product Management System Code Issue Vulnerability
SourceCodester Web-based Pharmacy Product Management System is a SourceCodester open source Web-based pharmacy product management system. A code issue vulnerability exists in version 1.0 of the SourceCodester Web-based Pharmacy Product Management System, which stems from an incorrect manipulation...
SourceCodester Petshop Management System Code Issue Vulnerability
SourceCodester Petshop Management System is an open source pet store management system from SourceCodester. A code issue exists in version 1.0 of the SourceCodester Petshop Management System, which is caused by an unrestricted file upload vulnerability in the avatar parameter of the...
PT-2024-38923 · Feehicms · Feehicms
Name of the Vulnerable Software and Affected Versions: FeehiCMS versions up to 2.1.1 Description: A critical issue affects the insert function of the file /admin/index.php?r=user%2Fcreate. The manipulation of the argument Useravatar leads to unrestricted upload. The attack may be initiated...
Prison Management System Code Issue Vulnerability
Prison Management System is a prison management system developed by Carlo Montero. A code issue exists in Prison Management System version 1.0, which is caused by an unrestricted file upload in the avatar parameter of the component Avatar Handler file in /Admin/edit-photo.php...
Prison Management System Code Issue Vulnerability
Prison Management System is a prison management system. A file upload vulnerability exists in Prison Management System version 1.0, which stems from a lack of validation of uploaded files in the avatar parameter of the /Admin/add-admin.php file. This vulnerability can be exploited to remotely...
Likeshop Security Vulnerability
Likeshop is a complete solution for social commerce strategies from Likeshop Open Source. A security vulnerability exists in Likeshop versions prior to 2.5.7 that stems from the presence of a server-side request forgery (SSRF) vulnerability that allows an attacker to view sensitive information via...
SourceCodester Employee Management System Code Issue Vulnerability
SourceCodester Employee Management System is a PHP-based website builder for employee performance management from SourceCodester. A code issue exists in SourceCodester Employee Management System version 1.0 where the parameter avatar in the file /Admin/add-admin.php causes unrestricted uploads...
PT-2024-20191 · Sourcecodester · Sourcecodester Employee Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Employee Management System version 1.0 Description: A critical issue affects some unknown functionality of the file /Admin/add-admin.php, where the manipulation of the avatar argument leads to unrestricted upload. This issue ca...
CVE-2024-24028
Server-Side Request Forgery (SSRF) vulnerability in Likeshop before 2.5.7 allows attackers to view sensitive information via the avatar parameter in function UserLogic::updateWechatInfo...