newbee-mall-plus 安全漏洞

newbee-mall-plus is an open source e-commerce system by newbee-ltd. A security vulnerability exists in version 2.0.0 of newbee-mall-plus, which stems from the incorrect manipulation of the parameter File in the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java, which coul...

CVE-2025-11659 ProjectsAndPrograms School Management System uploadNotes.php unrestricted upload

A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected by this vulnerability is an unknown functionality of the file /assets/uploadNotes.php. This manipulation of the argument File causes unrestricted upload. Remote...

school-management-system 代码问题漏洞

school-management-system is a school management system developed in PHP for schools or small organizations by Shubham kumar individual developer. A code issue vulnerability exists in school-management-system, which stems from the incorrect manipulation of the parameter File in the file...

school-management-system 代码问题漏洞

school-management-system is a school management system developed in PHP for schools or small organizations by Shubham kumar individual developer. A code issue vulnerability exists in school-management-system, which stems from the incorrect manipulation of the parameter File in the file...

fcba_zzm ics-park 代码问题漏洞

fcbazzm ics-park is an intelligent park management system from fcbazzm. A code issue vulnerability exists in version 2.0 of fcbazzm ics-park, which stems from the incorrect manipulation of the parameter File in the file FileUploadUtils.java, and could lead to arbitrary file uploads...

CVE-2025-8764

A vulnerability classified as critical has been found in linlinjava litemall up to 1.8.0. Affected is the function Upload of the file /wx/storage/upload. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclose...

CVE-2024-57549

CMSimple 5.16 allows the user to read cms source code through manipulation of the file name in the file parameter of a GET request...

CVE-2024-57549

CMSimple 5.16 allows the user to read cms source code through manipulation of the file name in the file parameter of a GET request...

ABCD2 跨站脚本漏洞

ABCD2 is an ABCD open source software suite for library and documentation center automation. A cross-site scripting vulnerability exists in ABCD2 2.2.0-beta-1 and earlier versions, which stems from some unknown handling of the file /buscarintegrada.php, where manipulation of the parameter...

Yunjing CMS 安全漏洞

Yunjing CMS is an open source PHP enterprise website construction management system from China Yunjing Yunjing Company. A security vulnerability exists in Yunjing CMS, which originates from an affected unknown code in the file /index/user/uploadimg.html, where manipulation of the parameter file...

dompdf 0.6.0 beta1 - Remote File Inclusion Vulnerability

No description provided by source. ================================== apps dompdf RFI Vulnerability ================================== ==================================================== x ExpL0it TitLe : apps dompdf RFI Vulnerability x DatE : 01 September 2010 x AutH0r : AndreCorleone x Softwar...