CVE-2026-32892

CVE-2026-32892 affects Chamilo LMS before 1.11.38 and 2.0.0-RC.3. The vulnerability is an OS command injection in the move() function of fileManage.lib.php, where user-controlled path values are concatenated into shell commands (e.g., exec("mv $source $target")) without escaping. The move_to POST...

Arbitrary File Deletion Vulnerability in the fileservice/FileManage.asmx?op Page of the Elearning Management System of Xinwei Software

E-learning management system is an online learning platform of Shenzhen Xinwei Software Co. The E-learning management system fileservice/FileManage.asmx?op page contains an arbitrary file deletion vulnerability that can be exploited by an attacker to delete files and folders...

Hsort the press management system /Admin/fileManage. aspx file value parameter arbitrary File Download vulnerability

No description provided by source...

Hsort Newspaper Management System Exploits Arbitrary File Download Vulnerability

Hsort Newspaper Management System is a set of software for newspapers, magazines, digital version of the publication, update software, just contain the article content of the plain text for simple identification, can be quickly generated by this software according to the template of the entire si...

Wind noise browse the directory to create the file vulnerability-vulnerability warning-the black bar safety net

Brief description: By testing found that the program FolderImageList. asp FolderImageList. asp FileManage. asp several scripts in process user submitted a malicious path parameter does not control the filter, the attacker can make the server the current view, create and other operations, a...