134 matches found
SUSE CVE-2026-25242
Gogs is an open source self-hosted Git service. Versions 0.13.4 and below expose unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled default, any remote user can upload arbitrary files to the server via /releases/attachments and...
CVE-2026-25242
Gogs is an open source self-hosted Git service. Versions 0.13.4 and below expose unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled default, any remote user can upload arbitrary files to the server via /releases/attachments and...
CVE-2026-25242 Gogs allows unauthenticated file uploads
Gogs is an open source self-hosted Git service. Versions 0.13.4 and below expose unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled default, any remote user can upload arbitrary files to the server via /releases/attachments and...
CVE-2026-25242 Gogs allows unauthenticated file uploads
Gogs is an open source self-hosted Git service. Versions 0.13.4 and below expose unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled default, any remote user can upload arbitrary files to the server via /releases/attachments and...
PT-2026-20323
Name of the Vulnerable Software and Affected Versions Gogs versions 0.13.4 and below Gogs versions prior to 0.14.1 Description Gogs, a self-hosted Git service, has an issue where unauthenticated file upload is possible by default. When the RequireSigninView setting is disabled which is the defaul...
Soliton Systems Kk FileZen 安全漏洞
Soliton Systems Kk FileZen is a file hosting device developed by the Japanese company Soliton Systems Kk. This device offers functions such as file storage, file transfer, and upload/download capabilities. There is a security vulnerability present in Soliton Systems Kk FileZen; this vulnerability...
EUVD-2026-5001
LocalSend is a free, open-source app that allows users to share files and messages with nearby devices over their local network without needing an internet connection. In versions up to and including 1.17.0, when a user initiates a "Share via Link" session, the LocalSend application starts a loca...
YetiShare File Hosting Script security vulnerability
YetiShare File Hosting Script is a file hosting system provided by the British company YetiShare. Version 5.1.0 of YetiShare File Hosting Script contains a security vulnerability. This vulnerability stems from a server-side request forgeing issue in the remote file upload function, which may lead...
CVE-2024-58313
xbtitFM 4.1.18 contains an insecure file upload vulnerability that allows authenticated attackers with administrative privileges to upload and execute arbitrary PHP code through the filehosting feature. Attackers can bypass file type restrictions by modifying the Content-Type header to image/gif,...
EUVD-2024-55343
xbtitFM 4.1.18 contains an insecure file upload vulnerability that allows authenticated attackers with administrative privileges to upload and execute arbitrary PHP code through the filehosting feature. Attackers can bypass file type restrictions by modifying the Content-Type header to image/gif,...
CVE-2024-58313
xbtitFM 4.1.18 contains an insecure file upload vulnerability that allows authenticated attackers with administrative privileges to upload and execute arbitrary PHP code through the filehosting feature. Attackers can bypass file type restrictions by modifying the Content-Type header to image/gif,...
CVE-2024-58313 xbtitFM 4.1.18 Insecure File Upload in file_hosting Feature
xbtitFM 4.1.18 contains an insecure file upload vulnerability that allows authenticated attackers with administrative privileges to upload and execute arbitrary PHP code through the filehosting feature. Attackers can bypass file type restrictions by modifying the Content-Type header to image/gif,...
CVE-2024-58313 xbtitFM 4.1.18 Insecure File Upload in file_hosting Feature
xbtitFM 4.1.18 contains an insecure file upload vulnerability that allows authenticated attackers with administrative privileges to upload and execute arbitrary PHP code through the filehosting feature. Attackers can bypass file type restrictions by modifying the Content-Type header to image/gif,...
CVE-2024-58313
CVE-2024-58313 affects xbtitFM 4.1.18 and describes an insecure file upload in the file_hosting feature. The root cause is a bypass of file-type checks through Content-Type header manipulation (image/gif), GIF89a bytes, and alternate PHP tags, enabling authenticated attackers with administrative ...
xbtitFM 代码问题漏洞
xbtitFM is a BitTorrent tracker software by the individual developer of xbtitFM. A code issue vulnerability exists in xbtitFM version 4.1.18, which stems from an insecure file upload in the filehosting function that could lead to the execution of arbitrary PHP code...
CVE-2025-12630 Upload.am File Hosting VPN < 1.0.1 - Contributor+ Arbitrary Option Disclosure
The Upload.am WordPress plugin before 1.0.1 is vulnerable to arbitrary option disclosure due to a missing capability check on its AJAX request handler, allowing users such as contributor to view site options...
EUVD-2006-5748
Malware in sbrugna...
EUVD-2009-3622
Malware in sbrugna...
EUVD-2009-0963
Malware in sbrugna...
EUVD-2008-2516
Malware in sbrugna...