12 matches found
PT-2024-35728 · Unknown · Car Rental Management System
Name of the Vulnerable Software and Affected Versions: Car Rental Management System versions 1.0 through 1.3 Description: The issue allows attackers to execute arbitrary code via uploading a crafted file, exploiting an authenticated arbitrary file upload vulnerability. Recommendations: For versio...
PT-2024-33352 · Unknown · Feed Comments Number
Name of the Vulnerable Software and Affected Versions: Feed Comments Number versions 0.2.1 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited by uploading malicious files,...
PT-2024-33217 · Dycms · Dycms
Name of the Vulnerable Software and Affected Versions: DYCMS Open-Source Version v2.0.9.41 Description: The issue allows a remote attacker to execute arbitrary code because the application checks the extension of image files only in the front-end. This weakness lets a remote attacker run any code...
PT-2023-28323 · Unknown · Teller Web App
Name of the Vulnerable Software and Affected Versions: Teller Web App version 4.4.0 Description: An arbitrary file upload vulnerability allows a remote attacker to execute arbitrary commands and obtain sensitive information via uploading a crafted file. Recommendations: For Teller Web App version...
PT-2023-27740 · Unknown · Adlered Bolo-Solo
Name of the Vulnerable Software and Affected Versions: adlered bolo-solo version 2.6 Description: The issue allows a remote attacker to execute arbitrary code via a crafted script to the authorization field in the header. This can be done by uploading a file with malicious content, potentially...
PT-2023-11511 · Unknown · Emlog Emlogcms
Name of the Vulnerable Software and Affected Versions: Emlog EmlogCMS version 6.0.0 Description: A remote attacker can gain access to sensitive information via the "/admin/plugin.php" function. This issue allows unauthorized access, potentially leading to data breaches. Recommendations: For Emlog...
PT-2023-22353 · Extplorer · Extplorer
Name of the Vulnerable Software and Affected Versions: eXtplorer version 2.1.15 Description: The issue involves insecure permissions, specifically in the file upload feature of the file manager. This vulnerability enables the upload of zip files that contain PHP pages, which can lead to...
PT-2022-26823 · Unknown · Canteen Management System
Name of the Vulnerable Software and Affected Versions: Canteen Management System version 1.0 Description: The issue allows attackers to execute arbitrary code via a crafted PHP file, exploiting an arbitrary file upload vulnerability. This is achievable through the "ip/youthappam/php...
PT-2022-26806 · Unknown · Canteen Management System
Name of the Vulnerable Software and Affected Versions: Canteen Management System version 1.0 Description: The issue allows attackers to execute arbitrary code via a crafted PHP file, exploiting an arbitrary file upload vulnerability. This is achieved through the API endpoint "/youthappam/manage...
PT-2022-25924 · Unknown · Wedding Planner
Name of the Vulnerable Software and Affected Versions: Wedding Planner version 1.0 Description: The issue is related to an arbitrary file upload vulnerability in the /Wedding-Management-PHP/admin/photos add.php component. This allows attackers to execute arbitrary code via a crafted PHP file...
PT-2022-21083 · Snipe-It · Snipe-It
Name of the Vulnerable Software and Affected Versions: Snipe-IT version 6.0.2 Description: The issue allows attackers to execute arbitrary code via a crafted file, exploiting an arbitrary file upload vulnerability in the Update Branding Settings component. Recommendations: For Snipe-IT version...
PT-2022-20990 · Mcms · Mcms
Name of the Vulnerable Software and Affected Versions: MCMS version 5.2.8 Description: The issue is related to an arbitrary file upload vulnerability. This means that an attacker could potentially upload malicious files to the system, which could lead to various security problems. Recommendations...