Lucene search
K

5 matches found

CVE
CVE
added 2026/05/24 10:30 a.m.51 views

CVE-2026-9374

The CVE applies to yangzongzhuan RuoYi-Vue (up to version 3.9.2). The vulnerable component is the Common Upload Endpoint, specifically the FileUploadUtils.upload function in /common/upload. The root cause is described as a manipulation that enables unrestricted file upload, allowing remote exploi...

6.5CVSS6.3AI score0.00195EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/24 10:30 a.m.18 views

CVE-2026-9374 yangzongzhuan RuoYi-Vue Common Upload Endpoint upload FileUploadUtils.upload unrestricted upload

A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.9.2. Impacted is the function FileUploadUtils.upload of the file /common/upload of the component Common Upload Endpoint. Performing a manipulation results in unrestricted upload. The attack is possible to be carried out remotely. The...

6.5CVSS0.00195EPSS
Exploits0References3
NVD
NVD
added 2025/09/14 12:15 p.m.5 views

CVE-2025-10398

A security flaw has been discovered in fcbazzm ics-park Smart Park Management System 2.0. This vulnerability affects unknown code of the file FileUploadUtils.java. The manipulation of the argument File results in unrestricted upload. The attack can be launched remotely. The exploit has been...

8.8CVSS0.00302EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/09/14 12:0 a.m.2 views

fcba_zzm ics-park 代码问题漏洞

fcbazzm ics-park is an intelligent park management system from fcbazzm. A code issue vulnerability exists in version 2.0 of fcbazzm ics-park, which stems from the incorrect manipulation of the parameter File in the file FileUploadUtils.java, and could lead to arbitrary file uploads...

8.8CVSS6.6AI score0.00302EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2012/04/06 12:0 a.m.30 views

Uploadify 2.1.4 Cross Site Scripting / Shell Upload

waraxe-2012-SA083 - Multiple Vulnerabilities in Uploadify 2.1.4 =============================================================================== Author: Janek Vind "waraxe" Date: 05. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-83.html Description of vulnerable software:...

Exploits0
Rows per page
Query Builder