CVE-2026-2146

A security flaw has been discovered in guchengwuyue yshopmall up to 1.9.1. This affects the function updateAvatar of the file /api/users/updateAvatar of the component co.yixiang.utils.FileUtil. Performing a manipulation of the argument File results in unrestricted upload. The attack is possible t...

CVE-2022-30007

GXCMS V1.5 has a file upload vulnerability in the background. The vulnerability is the template management page. You can edit any template content and then rename to PHP suffix file, after calling PHP file can control the server...

Getsimple CMS 2.03 - upload-ajax.php Arbitrary File Upload

Getsimple CMS 2.03 - upload-ajax.php Arbitrary File Upload source: https://www.securityfocus.com/bid/46427/info GetSimple CMS is prone to an arbitrary-file-upload vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to upload arbitrary files...

Family Connections 1.8.2 Arbitrary File Upload

Salvatore "drosophila" Fresta + Application: Family Connection + Version: = 1.8.2 + Website: http://www.familycms.com + Bugs: A Arbitrary File Upload + Exploitation: Remote + Date: 3 Apr 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore "drosophila" Fresta + Contact: e-mail:...

K&S Shopsysteme Arbitrary Remote File Upload Vulnerability

No description provided by source. Script Name: Shopsysteme new version oscommerce Download: http://www.shopsystem-forum.de/productinfo.php?cPath=22&productsid=43 299 euro : Author: mNt File Upload Bug Google Dork: intext:Powered by K&S Media Concept - Shopsysteme Powered by K&S Media Concept -...

KS Shopsysteme - Arbitrary File Upload

KS Shopsysteme - Arbitrary File Upload Script Name: Shopsysteme new version oscommerce Download: http://www.shopsystem-forum.de/productinfo.php?cPath=22&productsid=43 299 euro : Author: mNt File Upload Bug Google Dork: intext:Powered by K&S Media Concept - Shopsysteme Powered by K&S Media Concept...

K&S Shopsysteme Arbitrary Remote File Upload Vulnerability

Exploit for unknown platform in category web applications ========================================================== K&S Shopsysteme Arbitrary Remote File Upload Vulnerability ========================================================== Script Name: Shopsysteme new version oscommerce Download:...

w3blabor CMS 3.0.5 Arbitrary File Upload & LFI Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common qwPOST; use Getopt::Long; '/ -.- ------------------oOO------OOo----------------- | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Research...

easycms.txt

Easy CMS 0.1.2 Php Shell Upload Vulnerabilities ---------------------------------------------------- site:http://sourceforge.net/projects/php-easy-cms/ demo:http://www.easy-cms.be/ -------------------------------------------------- Bug: 1http://victim/choosefile.php Documents Images Scripts Style...

DoKuWiki file-upload vulnerabilities

ADZ Security Team =================== Info Program: DoKuWiki Version: 2005-02-18 Module: media.php Bug type: File Upload bug Vendor site: http://wiki.splitbrain.org/ Vendor Informed: Yes =================== Bug Info Remote user with file-upload privileges can upload anyone file with any...