26 matches found
CVE-2026-10807
A vulnerability was determined in mjperpinosa stumasy. The impacted element is an unknown function of the file application/PHP/objects/profiles/changeprofileimage.php. Executing a manipulation of the argument prprofileimage can lead to unrestricted upload. The attack may be launched remotely. The...
CVE-2026-10807
A vulnerability was determined in mjperpinosa stumasy. The impacted element is an unknown function of the file application/PHP/objects/profiles/changeprofileimage.php. Executing a manipulation of the argument prprofileimage can lead to unrestricted upload. The attack may be launched remotely. The...
CVE-2026-10807 mjperpinosa stumasy change_profile_image.php unrestricted upload
A vulnerability was determined in mjperpinosa stumasy. The impacted element is an unknown function of the file application/PHP/objects/profiles/changeprofileimage.php. Executing a manipulation of the argument prprofileimage can lead to unrestricted upload. The attack may be launched remotely. The...
EUVD-2026-34253
A vulnerability was determined in mjperpinosa stumasy. The impacted element is an unknown function of the file application/PHP/objects/profiles/changeprofileimage.php. Executing a manipulation of the argument prprofileimage can lead to unrestricted upload. The attack may be launched remotely. The...
CVE-2026-10807 mjperpinosa stumasy change_profile_image.php unrestricted upload
A vulnerability was determined in mjperpinosa stumasy. The impacted element is an unknown function of the file application/PHP/objects/profiles/changeprofileimage.php. Executing a manipulation of the argument prprofileimage can lead to unrestricted upload. The attack may be launched remotely. The...
CVE-2026-10807
A vulnerability was determined in mjperpinosa stumasy. The impacted element is an unknown function of the file application/PHP/objects/profiles/changeprofileimage.php. Executing a manipulation of the argument prprofileimage can lead to unrestricted upload. The attack may be launched remotely. The...
CVE-2026-10807
The CVE-2026-10807 entry concerns mjperpinosa stumasy, affecting the unknown function in application/PHP/objects/profiles/change_profile_image.php. The issue allows an attacker to manipulate the pr_profile_image argument to achieve unrestricted upload, with remote exploitation. Public exploit dis...
CVE-2021-47934
MyBB Timeline Plugin 1.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through thread titles, post content, and user profile fields like Location and Bio. Attackers can also exploit a cross-site request forgery vulnerability in the timeline.php...
CVE-2026-23000 net/mlx5e: Fix crash on profile change rollback failure
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profile change rollback failure mlx5enetdevchangeprofile can fail to attach a new profile and can fail to rollback to old profile, in such case, we could end up with a dangling netdev with a fully reset...
CVE-2025-41031 Multiple vulnerabilities in Deporsite by T-INNOVA
Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to change other users' profile pictures via a POST request using the parameters ‘IdPersona’ and “Foto” in ‘/ajax/TInnovac/FotoUsuario/llamadaAjax/uploadImage’...
CVE-2024-5518
A vulnerability classified as critical has been found in itsourcecode Online Discussion Forum 1.0. This affects an unknown part of the file changeprofilepicture.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit ha...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a call to cleanup in the mlx5enetdevchangeprofile function in the event of a configuration file rollback...
CVE-2024-5518
A vulnerability classified as critical has been found in itsourcecode Online Discussion Forum 1.0. This affects an unknown part of the file changeprofilepicture.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit ha...
CVE-2024-5518 itsourcecode Online Discussion Forum change_profile_picture.php unrestricted upload
A vulnerability classified as critical has been found in itsourcecode Online Discussion Forum 1.0. This affects an unknown part of the file changeprofilepicture.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit ha...
PT-2024-36489 · Unknown · Itsourcecode Online Discussion Forum
Name of the Vulnerable Software and Affected Versions: itsourcecode Online Discussion Forum version 1.0 Description: A critical issue has been found in the itsourcecode Online Discussion Forum, affecting the file change profile picture.php. The manipulation of the image argument leads to...
Online Discussion Forum 代码问题漏洞
Online Discussion Forum is a forum website. Itsourcecode A code issue vulnerability exists in version 1.0 of Online Discussion Forum, which stems from the parameter image in the file changeprofilepicture.php that can lead to unrestricted uploads...
CVE-2021-24473
The User Profile Picture WordPress plugin before 2.6.0 was affected by an IDOR issue, allowing users with the uploadimage capability by default author and above to change and delete the profile pictures of other users including those with higher roles...
zeeproperty 1.0 (upload/xss) Multiple Vulnerabilities
No description provided by source. ZEEPROPERTY v1.0 remote file Upload & XSS author: ZoRLu msn: [email protected] home: www.z0rlu.blogspot.com dork: Designed & Developed by Zeeways.com first register to site you add this code your shell to head GIF89a; example yourshell.php: GIF89a; ?...
CVE-2012-6508
Multiple cross-site request forgery CSRF vulnerabilities in NetArt Media Car Portal 3.0 allow remote attackers to hijack the authentication of administrators for requests that 1 change arbitrary user passwords via a nouveau action in the security module to cars/ADMIN/index.php; 2 create a user or...
Automated link exchange portal 1.3 - Multiple Vulnerabilities
------------------------------------------------------------------------- Automated Link Exchange Portal V1.3 Multiple Remote Vulnerabilities --------------------------------------------------------------- Founder : TiGeR-Dz Home:www.h4ckx.com Script: Automated Link Exchange Portal Version 1.3...