PT-2026-45036

Summary An authenticated Admidio member with upload rights on any one folder can permanently delete files from folders where they have only view access. The authorization check at the top of modules/documents-files.php evaluates upload rights against the attacker-supplied folder uuid URL paramete...

CVE-2024-27115

A unauthenticated Remote Code Execution RCE vulnerability is found in the SO Planning online planning tool. With this vulnerability, an attacker can upload executable files that are moved to a publicly accessible folder before verifying any requirements. This leads to the possibility of execution...

CVE-2024-32880 pyLoad allows upload to arbitrary folder lead to RCE

pyload is an open-source Download Manager written in pure Python. An authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution. There is no fix available at the time of publication...

Description of the Office 2010 update: September 13, 2011

Description of the Office 2010 update: September 13, 2011 INTRODUCTION Microsoft has released an update for Microsoft Office 2010. This update provides the latest fixes for the 32-bit and the 64-bit editions of Office 2010. Additionally, this update contains stability and performance improvements...

EAFlashUpload Remote File Upload Vulnerability

Exploit for php platform in category web applications -------------------------------------------------------------------+ Exploit Title : EAFlashUpload Remote File Upload Date : 27-5-2012 Author : Dr.SiLnT HilL Version : 2.6 Dork : inurl:"EAFlashUpload" Download :...