Directory Traversal
Overview: psitransfer is a simple open-source self-hosted file sharing solution. Affected versions of this package are vulnerable to Directory Traversal through the Store.getFilename path resolution in the upload storage component. An attacker can escape the upload jail and read or overwrite files...
CVE-2025-50857
ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload...
CVE-2025-50857
ZenTaoPMS versions 18.11 through 21.6.beta are affected by a Directory Traversal vulnerability in /module/ai/control.php that allows arbitrary code execution via a crafted file upload. The root cause is a directory traversal flaw in the file-upload handling, enabling an attacker to place or execu...
PT-2026-21020
Name of the Vulnerable Software and Affected Versions: Sync-in Server versions prior to 1.9.3. Description: A Stored Cross-Site Scripting (XSS) issue exists in Sync-in Server. An authenticated attacker can execute arbitrary JavaScript in a victim's browser. This is achieved by uploading a crafted SVG...
CVE-2026-1227
CVE-2026-1227 describes an XML External Entity (XXE) vulnerability (CWE-611) in which a local user uploading a specially crafted TGML graphics file to the EBO server from Workstation could trigger unauthorized disclosure of local files, unintended interaction within the EBO system, or denial of s...
(0Day) Microsoft ASP.NET SOAP Execution Restriction Bypass Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft ASP.NET. Authentication may be required to exploit this vulnerability depending upon configuration. Additionally, specific configuration is required. The specific flaw exists within the...
CVE-2025-62630 Advantech DeviceOn/iEdge Path Traversal
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions...
CVE-2025-20131
A vulnerability in the GUI of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this...
MimeTeX Security Vulnerability
MimeTeX is an image converter from the individual developer John Forkosh. A security vulnerability exists in versions of MimeTeX prior to v.1.77, which stems from a specially crafted file upload that causes directory traversal, which could lead to the execution of arbitrary code...
SUSE CVE-2025-0312
A vulnerability in ollama/ollama versions =0.3.14 allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an unchecked null pointer dereference. This can lead to a Denial of Service (DoS) attack via remote network...
CVE-2024-37084 CVE-2024-37084: Remote code execution in Spring Cloud Data Flow
In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server...
CVE-2024-22263
Spring Cloud Data Flow is a microservices-based Streaming and Batch data processing in Cloud Foundry and Kubernetes. The Skipper server has the ability to receive upload package requests. However, due to improper sanitization for upload path, a malicious user who has access to skipper server api...
PT-2024-18118 · Unknown · Rtu500 Series
Name of the Vulnerable Software and Affected Versions: RTU500 series product (affected versions not specified). Description: A vulnerability exists in the stb-language file handling. A malicious actor could enforce diagnostic texts being displayed as empty strings, if an authorized user uploads a...
CVE-2023-44824
An issue in Expense Management System v.1.0 allows a local attacker to execute arbitrary code via a crafted file uploaded to the sign-up.php component...
PT-2023-20790 · Monitorr · Monitorr
Name of the Vulnerable Software and Affected Versions: Monitorr version 1.7.6 Description: A remote attacker can execute arbitrary code via a crafted file upload to the "assets/php/upload.php" endpoint. This allows for the potential execution of malicious code on the affected system...
Online Diagnostic Lab Management System Code Issue Vulnerability
Online Diagnostic Lab Management System is an online diagnostic lab management system. A security vulnerability exists in Online Diagnostic Lab Management System version v1.0, which originates from an arbitrary file upload vulnerability contained in the component /phpaction/createOrder.php that...
CVE-2020-1576
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint...
Huawei ViewPoint 8660 Memory Disclosure Vulnerability
Huawei ViewPoint 8660 is a multipoint control unit for conference TV systems from Huawei, China. A memory leak vulnerability exists in Huawei ViewPoint 8660 version V100R008C03, which originates from the device not reasonably freeing memory when parsing XML Schema. An attacker could exploit the...
php: Improper error handling in bzread()
A flaw was found in the way certain error conditions were handled by the bzread() function in PHP. An attacker could use this flaw to upload a specially crafted bz2 archive which, when parsed via the vulnerable function, could cause the application to crash or execute arbitrary code with the permission...
CVE-2015-7912
The Ice Faces servlet in agserverservice.exe in the AggreGate Server Service in Tibbo AggreGate before 5.30.06 allows remote attackers to upload and execute arbitrary Java code via a crafted XML document...