CVE-2025-47372

Memory Corruption when a corrupted ELF image with an oversized file size is read into a buffer without authentication...

CVE-2024-8538

The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1.2. This is due the plugin not sanitizing a file path in an error message. This makes it possible for authenticated attackers, with...

CVE-2023-47792

Cross-Site Request Forgery CSRF vulnerability in Infinite Uploads Big File Uploads – Increase Maximum File Upload Size plugin = 2.1.1 versions...

CVE-2022-42029

Chamilo 1.11.16 is affected by an authenticated local file inclusion vulnerability which allows authenticated users with access to 'big file uploads' to copy/move files from anywhere in the file system into the web directory...

WordPress Big File Uploads plugin <= 2.1.2 - Authenticated (Author+) Full Path Disclosure vulnerability

Authenticated Author+ Full Path Disclosure vulnerability discovered by netc4t in WordPress Plugin Big File Uploads versions = 2.1.2...

WordPress Big File Uploads Plugin <= 2.1.2 is vulnerable to Full Path Disclosure (FPD)

Software Big File Uploads Type Plugin Vulnerable versions = 2.1.2 Fixed in 2.1.3 OWASP Top 10 A3: Sensitive Data Exposure Classification Full Path Disclosure FPD CVE CVE-2024-8538 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7d70a0318727 Credits netc4t Required privileg...

CVE-2024-8538

The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1.2. This is due the plugin not sanitizing a file path in an error message. This makes it possible for authenticated attackers, with...

CVE-2024-8538 Big File Uploads <= 2.1.2 - Authenticated (Author+) Full Path Disclosure

The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1.2. This is due the plugin not sanitizing a file path in an error message. This makes it possible for authenticated attackers, with...

CVE-2024-8538 Big File Uploads <= 2.1.2 - Authenticated (Author+) Full Path Disclosure

The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1.2. This is due the plugin not sanitizing a file path in an error message. This makes it possible for authenticated attackers, with...

WordPress plugin Big File Uploads 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. An information disclosure...

SUSE CVE-2022-48829

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::iasize is a lofft, so these NFSv3 procedures must be careful to deal with incoming client size values that are larger than s64max without corrupting the value...

UBUNTU-CVE-2022-48829

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::iasize is a lofft, so these NFSv3 procedures must be careful to deal with incoming client size values that are larger than s64max without corrupting the value...

Exploit for Unrestricted Upload of File with Dangerous Type in Chamilo Chamilo_Lms

Chamilo-LMS-CVE-2023-4220-Exploit This is an Exploit for Unres...

Cross site scripting

Unrestricted file upload in big file upload functionality in /main/inc/lib/javascript/bigupload/inc/bigUpload.php in Chamilo LMS = v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell...

Big File Uploads < 2.1.2 - Cross-Site Request Forgery via actions

Description The Big File Uploads plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.1. This is due to missing or incorrect nonce validation on the actions function. This makes it possible for unauthenticated attackers to dismiss or delay admin...

CVE-2023-47792

Cross-Site Request Forgery CSRF vulnerability in Infinite Uploads Big File Uploads – Increase Maximum File Upload Size plugin = 2.1.1 versions...

CVE-2023-47792

Cross-Site Request Forgery CSRF vulnerability in Infinite Uploads Big File Uploads – Increase Maximum File Upload Size plugin = 2.1.1 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Infinite Uploads Big File Uploads – Increase Maximum File Upload Size plugin = 2.1.1 versions...

CVE-2023-47792

CVE-2023-47792 is a CSRF vulnerability in the WordPress plugin Infinite Uploads Big File Uploads – Increase Maximum File Upload Size (versions ≤ 2.1.1). The issue is due to insufficient CSRF protections on actions, enabling unauthenticated exploitation to trigger state-changing requests. CVSS v3....

WordPress Plugin Big File Uploads Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Big File Uploads - Increas...