CVE-2025-3169

A vulnerability was found in Projeqtor up to 12.0.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /tool/saveAttachment.php. The manipulation of the argument attachmentFiles leads to unrestricted upload. The attack may be launched remotely. The...

JobMonster < 4.6.6.1 - Directory Listing in Upload Folder

The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/ folder, as it did not include a default PHP file, or .htaccess file. This could expose personal data such as people's resumes. Although Directory Listing can be prevented by securely configuring the we...

Code Execution Vulnerability in Ctcms Movie & TV System Backend

Ctcms is a fast website building system that runs on PHP+MYSQL environment. Code execution vulnerability exists in the backend of Ctcms movie and TV system. It allows attackers to upload exp files, execute commands, and gain server privileges...

civic crm 422

upload exploit /RFI 260413 developer http://civicrm.org/category/civicrm-blog-categories/civicrm-v43 release 4.3.1 Authors:...

Studio Lounge Address Book 2.5 (profile) Shell Upload Vulnerability

Exploit for unknown platform in category web applications =================================================================== Studio Lounge Address Book 2.5 profile Shell Upload Vulnerability =================================================================== Address Book 2.5 profile Remote Shell...