5 matches found
CVE-2026-9374
The CVE applies to yangzongzhuan RuoYi-Vue (up to version 3.9.2). The vulnerable component is the Common Upload Endpoint, specifically the FileUploadUtils.upload function in /common/upload. The root cause is described as a manipulation that enables unrestricted file upload, allowing remote exploi...
CVE-2026-9374 yangzongzhuan RuoYi-Vue Common Upload Endpoint upload FileUploadUtils.upload unrestricted upload
A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.9.2. Impacted is the function FileUploadUtils.upload of the file /common/upload of the component Common Upload Endpoint. Performing a manipulation results in unrestricted upload. The attack is possible to be carried out remotely. The...
CVE-2025-10398
A security flaw has been discovered in fcbazzm ics-park Smart Park Management System 2.0. This vulnerability affects unknown code of the file FileUploadUtils.java. The manipulation of the argument File results in unrestricted upload. The attack can be launched remotely. The exploit has been...
fcba_zzm ics-park 代码问题漏洞
fcbazzm ics-park is an intelligent park management system from fcbazzm. A code issue vulnerability exists in version 2.0 of fcbazzm ics-park, which stems from the incorrect manipulation of the parameter File in the file FileUploadUtils.java, and could lead to arbitrary file uploads...
Uploadify 2.1.4 Cross Site Scripting / Shell Upload
waraxe-2012-SA083 - Multiple Vulnerabilities in Uploadify 2.1.4 =============================================================================== Author: Janek Vind "waraxe" Date: 05. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-83.html Description of vulnerable software:...