CVE-2026-2184

A vulnerability was detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This vulnerability affects unknown code of the file /restructured/csv.php. The manipulation of the argument photo results in os command injection. The attack can be...

CVE-2026-2183

A security vulnerability has been detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This affects an unknown part of the file /restructured/csv.php. The manipulation leads to unrestricted upload. Remote exploitation of the attack is possible...

CVE-2026-2183

The CVE-2026-2183 entry concerns the Great Developers Certificate Generation System (up to the latest commit 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73). Affects an unknown part of the file /restructured/csv.php, where manipulation enables an unrestricted file upload, enabling remote exploitation. ...

CVE-2026-2183 Great Developers Certificate Generation System csv.php unrestricted upload

A security vulnerability has been detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This affects an unknown part of the file /restructured/csv.php. The manipulation leads to unrestricted upload. Remote exploitation of the attack is possible...

EUVD-2020-2865

Malware in sbrugna...

BloodBank 1.0 Insecure Direct Object Reference

====================================================================================================================================== | Title : BloodBank v1.0 - Blood Donor Directory CMS with PayPal Integration unauthorized administrative access Vulnerability | | Author : indoushka | | Tested on...

CVE-2020-10412

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/import-csv.php by adding a question mark ? followed by the payload...

Directory Traversal

librenms/librenms is vulnerable to directory traversal. The usage of mysqlrealescapestring to sanitize untrusted user supplied data that is subsequently passed to the include function as a file path in csv.php, is insecure. An attacker could potentially include arbitrary files on the server using...

Paid Memberships Pro 1.4.7 - adminpages/memberslist-csv.php Direct Request Member Personal Information Disclosure

The Paid Memberships Pro WordPress plugin was affected by an adminpages/memberslist-csv.php Direct Request Member Personal Information Disclosure security vulnerability...

Wordpress Automatic Plugin 2.0.3 - SQL Injection

No description provided by source. Title: ====== Wordpress Automatic Plugin v2.0.3 SQL Injection Date: ===== 2012-06-15 Website: =========== http://codecanyon.net/item/wordpress-automatic-plugin/1904470 Introduction: ============= Wordpress automatic plugin posts quality targeted articles, Amazon...

Wordpress Automatic Plugin v2.0.3 CSRF Exploit

Exploit for php platform in category web applications Title: ====== Wordpress Automatic Plugin v2.0.3 CSRF Exploit Date: ===== 2012-06-15 Website: =========== http://codecanyon.net/item/wordpress-automatic-plugin/1904470 Introduction: ============= Wordpress automatic plugin posts quality targete...

WordPress Plugin Automatic 2.0.3 - SQL Injection

Title: ====== Wordpress Automatic Plugin v2.0.3 SQL Injection Date: ===== 2012-06-15 Website: =========== http://codecanyon.net/item/wordpress-automatic-plugin/1904470 Introduction: ============= Wordpress automatic plugin posts quality targeted articles, Amazon Products, clickbank Products,...

WordPress Plugin Automatic 2.0.3 - SQL Injection

WordPress Plugin Automatic 2.0.3 - SQL Injection Title: ====== Wordpress Automatic Plugin v2.0.3 SQL Injection Date: ===== 2012-06-15 Website: =========== http://codecanyon.net/item/wordpress-automatic-plugin/1904470 Introduction: ============= Wordpress automatic plugin posts quality targeted...

Path traversal

Metaways Tine 2.0 allows remote attackers to obtain sensitive information via unknown vectors in 1 Crm/Controller.php, 2 Crm/Export/Csv.php, or 3 Calendar/Model/Attender.php, which reveal the full installation path...