27 matches found
EUVD-2023-31489
An arbitrary file upload vulnerability in MK-Auth 23.01K4.9 allows attackers to execute arbitrary code via uploading a crafted PHP file...
PT-2026-5950
An arbitrary file upload vulnerability in the AddFont function of FPDF v1.86 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file...
CVE-2025-46001
An arbitrary file upload vulnerability in the isallowedfiletype function of Filemanager v2.3.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...
BIT-LUA-2021-43519
Stack overflow in luaresume of ldo.c in Lua Interpreter 5.1.05.4.4 allows attackers to perform a Denial of Service via a crafted script file...
lua: stack overflow in lua_resume of ldo.c allows a DoS via a crafted script file
A stack overflow issue was discovered in Lua in the luaresume function of 'ldo.c'. This flaw allows a local attacker to pass a specially crafted file to the Lua Interpreter, causing a crash that leads to a denial of service...
lua: stack overflow in lua_resume of ldo.c allows a DoS via a crafted script file
A stack overflow issue was discovered in Lua in the luaresume function of 'ldo.c'. This flaw allows a local attacker to pass a specially crafted file to the Lua Interpreter, causing a crash that leads to a denial of service...
Moderate: Red Hat Security Advisory: lua security update
An update for lua is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Restaurant POS System 代码问题漏洞
Restaurant POS System is a full-featured Restaurant POS System based project by Martin Mbithi Nzilani Personal Developer. A security vulnerability exists in Restaurant POS System v1.0, which stems from an arbitrary file upload vulnerability contained in addproduct.php. An attacker can exploit thi...
Simple College Website 安全漏洞
Sourcecodester Simple College Website is Sourcecodester an open source application . A content management system. A security vulnerability exists in Simple College Website v1.0 that originates from a vulnerability that allows an attacker to execute arbitrary code via a crafted PHP file...
PT-2022-25195 · Unknown · Simple College Website
Name of the Vulnerable Software and Affected Versions: Simple College Website version 1.0 Description: A remote file inclusion issue allows attackers to execute arbitrary code via a crafted PHP file. This issue is exploitable when the allow url include directive is set to On. Recommendations: For...
CVE-2022-36582
An arbitrary file upload vulnerability in the component /phpaction/createProduct.php of Garage Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
Privilege Escalation
lua5 is vulnerable to privilege escalation. The vulnerability exists due to a Use after free in garbage collector and finalizer of lgc.c allowing an attacker to perform Sandbox Escape via a crafted script file...
Foxit PDF Reader 代码问题漏洞
Foxit PDF Reader is a Chinese Foxit Foxit company's PDF reader. A code issue vulnerability exists in Foxit PDF Reader version v11.2.1.53537, which originates from a code issue that contains a dereference via the NULL pointer of the component FoxitPDFReader.exe. An attacker can exploit this...
express-fileupload 代码问题漏洞
express-fileupload is a file upload middleware by Richard Girges, an individual developer in the United States. A code issue vulnerability exists in express-fileupload v1.3.1 that allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-27352
Simple House Rental System v1 was discovered to contain an arbitrary file upload vulnerability via /app/register.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
baigo CMS 代码问题漏洞
baigo CMS is a PHP-based open source web content management system CMS. A security vulnerability exists in baigo CMS v3.0-alpha-2, which allows an attacker to execute arbitrary code by uploading a crafted PHP file...
AZL-40979 CVE-2021-44964 affecting package ntopng for versions less than 5.2.1-6
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.05.4.3 allows attackers to perform Sandbox Escape via a crafted script file...
CVE-2021-44964
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.05.4.3 allows attackers to perform Sandbox Escape via a crafted script file...
CVE-2021-44964
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.05.4.3 allows attackers to perform Sandbox Escape via a crafted script file...
WBCE CMS 安全漏洞
WBCE CMS is an open source content management system CMS based on PHP and MySQL. WBCE CMS suffers from a security vulnerability that originates in /templates/install.php that allows attackers to execute arbitrary code via a crafted PHP file...