3615 matches found
CVE-2026-22097
The firmware update mechanism does not include cryptographic signature validation. This allows anyone with access to the firmware update capability to upload arbitrary files which can then lead to arbitrary code execution...
CVE-2026-22096
The webserver running on port 8090 does not require authentication. This allows for sensitive information leakage such as configured passwords, or uploading files through different endpoints...
CVE-2026-22096 Missing authentication for webserver endpoints
The webserver running on port 8090 does not require authentication. This allows for sensitive information leakage such as configured passwords, or uploading files through different endpoints...
CVE-2026-22096
CVE-2026-22096 concerns a webserver running on port 8090 that does not require authentication, enabling sensitive information leakage (e.g., configured passwords) and file uploads via multiple endpoints. The Connected documents provide the same description across NVD and CVE records, with no vend...
Ninja Forms File Uploads <= 3.3.26 - Arbitrary File Upload
Ninja Forms File Uploads plugin for WordPress versions up to and including 3.3.26 is vulnerable to unauthenticated arbitrary file upload which could lead to remote code execution. id: CVE-2026-0740 info: name: Ninja Forms File Uploads = 3.3.26 - Arbitrary File Upload author: whattheslime severity...
CVE-2026-56814
Plug.Parsers.MULTIPART, the multipart request-body parser used to handle file uploads and multipart forms, does not enforce its :length budget against all consumed resources, allowing an unauthenticated remote attacker to cause denial of service. The parser charges the :length limit only for part...
CVE-2026-56814 Plug: multipart :length limit is not charged for part headers, enabling unbounded temp-file creation (denial of service)
Plug.Parsers.MULTIPART, the multipart request-body parser used to handle file uploads and multipart forms, does not enforce its :length budget against all consumed resources, allowing an unauthenticated remote attacker to cause denial of service. The parser charges the :length limit only for part...
EUVD-2026-42790
The Instant Appointment plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'insappuploadimageasattachment' function in all versions up to, and including, 1.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the...
The vulnerability of the browse.ajaxAddPicture method in the PageBuilder CK extension of the Joomla content management system allows a malicious actor to gain unauthorized access to protected information, upload arbitrary files, and execute arbitrary code.
The vulnerability of the browse.ajaxAddPicture method in the PageBuilder CK extension of the Joomla content management system is related to the unlimited loading of dangerous files due to improper access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to...
CVE-2026-8801
Technical details about CVE-2026-8801 are not publicly available in the provided documents. Monitor for further updates from vendors and standard CVE sources.
CVE-2026-59807
CVE-2026-59807 affects Composio SDK prior to 0.2.32-beta.283. A path validation bypass in readFileFromDisk (tool-file-uploads.ts) can enable an attacker to read and exfiltrate sensitive files by manipulating file_uploadable parameters via prompt injection, referencing sensitive paths such as SSH ...
CVE-2026-14489
The WHMCS Bridge plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the connect function in all versions up to, and including, 6.9. This makes it possible for authenticated attackers, with Custom-level access and above, to upload arbitrary files on...
PT-2026-56569
Name of the Vulnerable Software and Affected Versions Composio SDK versions prior to 0.2.32-beta.283 Description A path validation bypass allows attackers to read and exfiltrate sensitive files. This occurs due to a missing assertSafeFileUploadPath check in the readFileFromDisk function within...
CVE-2026-55078
Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.17.0 and prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, POST /api/v2/files converts zip uploads to tar in memory via CreateTarFromZip, which enforced a per-entry size limit but no...
CVE-2026-55078
Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.17.0 and prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, POST /api/v2/files converts zip uploads to tar in memory via CreateTarFromZip, which enforced a per-entry size limit but no...
Cisco VPN Routers - Unauthenticated Arbitrary File Upload
A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to insufficient authorization enforcement...
CVE-2026-57871
Relative path traversal vulnerability in MicroRealEstate file upload functionality allows attackers to potentially overwrite system files. This issue affects MicroRealEstate: through 1.0.0-alpha3...
CVE-2026-42145 Coolify: File Upload Without Type or Size Validation in Database Backup Restore
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the file upload endpoint app/Http/Controllers/UploadController.php for database backup restore uploads did not enforce file type or size validation, allowing an authenticat...
PT-2026-56068
Name of the Vulnerable Software and Affected Versions Coder versions 2.17.0 through 2.29.6 Coder versions 2.32.0 through 2.32.6 Coder versions 2.33.0 through 2.33.7 Coder versions 2.34.0 through 2.34.1 Description The POST /api/v2/files endpoint converts zip uploads to tar in memory using the...
CVE-2026-14698
A security flaw has been discovered in SourceCodester Syllabus-Aligned Learning Management and Examination System 1.0. Impacted is an unknown function of the file uploadfiles.php. Performing a manipulation results in unrestricted upload. The attack may be initiated remotely. The exploit has been...