6 matches found
CLSA-2026-1775723827 rsync: Fix of CVE-2025-10158
CVE-2025-10158: fix invalid access to files array via negative parentndx...
Allocation of Resources Without Limits or Throttling
Overview @sveltejs/kit is a SvelteKit framework and CLI Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the deserializebinaryform function in the remote form handler. An attacker can exhaust application resources by sending crafted bina...
Vvveb 安全漏洞
Vvveb is a powerful and easy-to-use CMS from Givan Personal Developers for building websites, blogs or e-commerce stores. A security vulnerability exists in Vvveb version 1.0.7.2 and earlier, which stems from the incorrect operation of the parameter files in the /system/traits/media.php file...
PT-2025-34575 · Unknown · Givanz Vvveb
Name of the Vulnerable Software and Affected Versions: givanz Vvveb versions up to 1.0.7.2 Description: A weakness exists in givanz Vvveb that allows for unrestricted file upload. The issue is located in an unknown function within the /system/traits/media.php file. Manipulation of the files...
DEBIAN-CVE-2005-3300
The registerglobals emulation layer in grabglobals.php for phpMyAdmin before 2.6.4-pl3 does not perform safety checks on values in the FILES array for uploaded files, which allows remote attackers to include arbitrary files by using direct requests to library scripts that do not use...
security flaw
rfc1867.c in PHP before 5.0.2 allows local users to upload files to arbitrary locations via a PHP script with a certain MIME header that causes the "$FILES" array to be modified...