11 matches found
CVE-2026-1152
A security vulnerability has been detected in technical-laohu mpay up to 1.2.4. The impacted element is an unknown function of the component QR Code Image Handler. Such manipulation of the argument codeimg leads to unrestricted upload. The attack may be launched remotely. The exploit has been...
CVE-2026-1152
A security vulnerability has been detected in technical-laohu mpay up to 1.2.4. The impacted element is an unknown function of the component QR Code Image Handler. Such manipulation of the argument codeimg leads to unrestricted upload. The attack may be launched remotely. The exploit has been...
CVE-2026-1152
A security vulnerability has been detected in technical-laohu mpay up to 1.2.4. The impacted element is an unknown function of the component QR Code Image Handler. Such manipulation of the argument codeimg leads to unrestricted upload. The attack may be launched remotely. The exploit has been...
CVE-2026-1152 technical-laohu mpay QR Code Image unrestricted upload
A security vulnerability has been detected in technical-laohu mpay up to 1.2.4. The impacted element is an unknown function of the component QR Code Image Handler. Such manipulation of the argument codeimg leads to unrestricted upload. The attack may be launched remotely. The exploit has been...
CVE-2026-1152
The affected software is technical-laohu mpay (versions up to 1.2.4). A vulnerability in the QR Code Image Handler allows manipulation of the codeimg argument that leads to unrestricted file upload. This can be exploited remotely, and public exploits have been disclosed. Remediation per PSIRT/PT ...
CVE-2026-1152 technical-laohu mpay QR Code Image unrestricted upload
A security vulnerability has been detected in technical-laohu mpay up to 1.2.4. The impacted element is an unknown function of the component QR Code Image Handler. Such manipulation of the argument codeimg leads to unrestricted upload. The attack may be launched remotely. The exploit has been...
CVE-2026-1152
A security vulnerability has been detected in technical-laohu mpay up to 1.2.4. The impacted element is an unknown function of the component QR Code Image Handler. Such manipulation of the argument codeimg leads to unrestricted upload. The attack may be launched remotely. The exploit has been...
CVE-2019-8909
An issue was discovered in WTCMS 1.0. It allows remote attackers to cause a denial of service resource consumption via crafted dimensions for the verification code image...
Code injection
An issue was discovered in WTCMS 1.0. It allows remote attackers to cause a denial of service resource consumption via crafted dimensions for the verification code image...
CVE-2018-17139
UltimatePOS 2.5 allows users to upload arbitrary files, which leads to remote command execution by posting to a /products URI with PHP code in a .php file with the image/jpeg content type...
ImageMagick -- multiple vulnerabilities
Debian reports: Various memory handling problems and cases of missing or incomplete input sanitizing may result in denial of service or the execution of arbitrary code if malformed SIXEL, PDB, MAP, SGI, TIFF and CALS files are processed...