12 matches found
CVE-2026-26699
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to arbitrary code execution in ip/ppes/admin/adminchangepicture.php...
CVE-2026-26699
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to arbitrary code execution in ip/ppes/admin/adminchangepicture.php...
CVE-2026-26699
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to arbitrary code execution in ip/ppes/admin/adminchangepicture.php...
Personnel Property Equipment System 安全漏洞
Personnel Property Equipment System is a personnel property equipment management system developed by Jon Remus Sevellejo. Version 1.0 of Personnel Property Equipment System has security vulnerabilities; these vulnerabilities stem from arbitrary code execution in the...
PT-2026-22612
Name of the Vulnerable Software and Affected Versions sourcecodester Personnel Property Equipment System version 1.0 Description The software contains a flaw that allows for arbitrary code execution. This issue is present in the 'ip/ppes/admin/admin change picture.php' component. Recommendations ...
EUVD-2026-9198
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to arbitrary code execution in ip/ppes/admin/adminchangepicture.php...
CVE-2026-26699
CVE-2026-26699 affects sourcecodester Personnel Property Equipment System v1.0. Multiple sources report an arbitrary code execution vulnerability in ip/ppes/admin/admin_change_picture.php. The Red Hat/CIRCL/NVD entries confirm the vulnerable component, but do not provide detailed root-cause speci...
CVE-2026-26699
sourcecodester Personnel Property Equipment System v1.0 is vulnerable to arbitrary code execution in ip/ppes/admin/adminchangepicture.php...
Campcodes Project Management System 代码问题漏洞
Campcodes Project Management System is a project management system from Campcodes, Inc. A code issue vulnerability exists in Campcodes Project Management System version 1.0, which stems from the parameter file in the file /forms/updateforms.php?action=changepic2&id=4 that can lead to unrestricted...
CVE-2018-18382
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" aka user/edit-profile action...
Remote code execution
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" aka user/edit-profile action...
CVE-2018-18382
Advanced HRM 1.6 is affected by CVE-2018-18382, which enables Remote Code Execution via PHP code uploaded to a .php file at the user/update-user-avatar URI, accessible through the Update Profile/Change Picture flow (user/edit-profile). The issue is tied to the specific endpoint path used for upda...