122 matches found
File Browser 安全漏洞
File Browser is an open-source file management interface developed by File Browser. It allows for the uploading, deletion, previewing, and editing of files within a specified directory. Versions of File Browser prior to 2.57.1 contained security vulnerabilities. These vulnerabilities stemmed from...
EUVD-2006-5964
Malware in sbrugna...
EUVD-2021-27079
Malware in sbrugna...
Malicious Package
Overview file-uploading-advance is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
Malicious code in file-uploading-advance (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a24a99ddaa80c4d726f189f11309cdab74b4343f1e567ec3c5fd01fcd9832b3c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47925 Malicious code in file-uploading-advance (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a24a99ddaa80c4d726f189f11309cdab74b4343f1e567ec3c5fd01fcd9832b3c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2025-23244
Malicious code in bioql PyPI...
EUVD-2023-41856
Malicious code in bioql PyPI...
EUVD-2023-28826
Malicious code in bioql PyPI...
EUVD-2024-16917
Malicious code in bioql PyPI...
EUVD-2023-36981
Malicious code in bioql PyPI...
EUVD-2023-45846
Malicious code in bioql PyPI...
EUVD-2024-46463
Malicious code in bioql PyPI...
CVE-2025-41396
PowerCMS (Alfasado PowerCMS) is affected by CVE-2025-41396 due to a path traversal vulnerability in the file-upload feature. The root cause allows a product user to overwrite arbitrary files on the system. Affected versions are multiple PowerCMS releases; impact is arbitrary file overwrite, with ...
CVE-2025-48017 Improper Limitation of a Pathname to a Restricted Directory
Improper limitation of pathname in Circuit Provisioning and File Import applications allows modification and uploading of files...
CVE-2024-51053
An arbitrary file upload vulnerability in the component /main/fileupload.php of AVSCMS v8.2.0 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2024-50561
A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.2, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.2, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.2, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V8.2, SCALANCE...
There is a file uploading vulnerability in Jiangsu Wave Information Consulting Company Limited's state-owned capital supervision informatization platform
Jiangsu Wave Information Consulting Co., Ltd. is an ERP senior industry consultants, deep technical background and industry experience, innovation, "integrity management, adhering to the advanced, deep technology" as the goal of the IT company. Jiangsu Wave Information Consulting Co., Ltd...
CVE-2024-40482
CVE-2024-40482 affects Kashipara Live Membership System v1.0. An unrestricted file upload in "/Membership/edit_member.php" enables attackers to upload a crafted PHP file and achieve arbitrary code execution. The CVSS basis is 9.8 (CRITICAL): Network access, no authentication, low attack complexit...
PT-2024-35135 · WordPress · Postx
Name of the Vulnerable Software and Affected Versions: PostX plugin for WordPress versions up to, and including, 4.1.1 Description: The issue is related to Stored Cross-Site Scripting via the plugin's file uploading feature due to insufficient input sanitization and output escaping. This allows...