3 matches found
CVE-2026-42145
CVE-2026-42145 —Coolify prior to 4.0.0-beta.474 has a vulnerable file upload endpoint (app/Http/Controllers/UploadController.php) for database backup restores that did not enforce file type or size validation. An authenticated user could upload unexpected or oversized files, potentially impacting...
Design/Logic Flaw
Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action...
CVE-2014-7288
Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action...