17 matches found
EUVD-1999-0476
Malware in sbrugna...
EUVD-2025-7128
Malicious code in bioql PyPI...
CVE-2025-46078
HuoCMS V3.5.1 and before is vulnerable to file upload, which allows attackers to take control of the target server...
CVE-2025-46078
HuoCMS V3.5.1 and before is vulnerable to file upload, which allows attackers to take control of the target server...
CVE-2025-46078
CVE-2025-46078 affects HuoCMS v3.5.1 and earlier. Several connected sources confirm a file-upload vulnerability that can lead to server compromise. The root cause described in the exploit details is an insecure upload pipeline (sliceUploadAndSave/Upload.php) allowing attacker-controlled parameter...
PT-2025-22686 · Unknown · Jp Students Result Management System Premium
Name of the Vulnerable Software and Affected Versions: JP Students Result Management System Premium versions 1.1.7 through n/a Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to...
PT-2025-16074 · Softclever Limited · Sync Posts
Name of the Vulnerable Software and Affected Versions: SoftClever Limited Sync Posts versions n/d through 1.0 SoftClever Limited Sync Posts versions n/a through 1.0 Since both descriptions refer to the same range of affected versions, we can consolidate them into one line. However, given the...
CVE-2024-10714
A vulnerability in binary-husky/gptacademic version 3.83 allows an attacker to cause a Denial of Service DoS by adding excessive characters to the end of a multipart boundary during file upload. This results in the server continuously processing each character and displaying warnings, rendering t...
CVE-2022-32262
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.1. The affected application contains a file upload server that is vulnerable to command injection. An attacker could use this to achieve arbitrary code execution...
CVE-2024-47169
Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload arbitrary files to attacker-chosen locations on the server, including JavaScript, enabling the execution of commands within those...
Siemens SINEMA Remote Connect Server命令注入漏洞
SINEMA Remote Connect is a remote network management platform that makes it easy to manage tunneled connections VPN between headquarters, service technicians, and installed machines or plants.A command injection vulnerability exists in Siemens SINEMA Remote Connect Server, which stems from the fa...
Command injection
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.1. The affected application contains a file upload server that is vulnerable to command injection. An attacker could use this to achieve arbitrary code execution...
CVE-2022-32262
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.1. The affected application contains a file upload server that is vulnerable to command injection. An attacker could use this to achieve arbitrary code execution...
Design/Logic Flaw
ShowDoc 2.8.3 ihas a file upload vulnerability, where attackers can use the vulnerability to obtain server permissions...
CVE-2021-40188
PHPFusion 9.03.110 is affected by an arbitrary file upload vulnerability. The File Manager function in admin panel does not filter all PHP extensions such as ".php, .php7, .phtml, .php5, ...". An attacker can upload a malicious file and execute code on the server...
File upload vulnerability exists in LaySNS (CNVD-2021-44004)
LaySNS is a set of ThinkPHP5 LayUI development based on the collection of content publishing and community exchanges and one of the integrated website system. A file upload vulnerability exists in LaySNS, which can be exploited to obtain server control privileges...
File Upload Vulnerability in EmpireCMS v7.5
EmpireCMS is an open source software program that runs on PHP+MySQL database. A file upload vulnerability exists in EmpireCMS v7.5, which can be exploited by an attacker to gain control of the server...