17 matches found
EUVD-2025-16373
Malicious code in bioql PyPI...
EUVD-2025-16377
Malicious code in bioql PyPI...
CVE-2025-46080
HuoCMS V3.5.1 has a File Upload Vulnerability. An attacker can exploit this flaw to bypass whitelist restrictions and craft malicious files with specific suffixes, thereby gaining control of the server...
CVE-2025-46078
HuoCMS V3.5.1 and before is vulnerable to file upload, which allows attackers to take control of the target server...
CVE-2025-46078
HuoCMS V3.5.1 and before is vulnerable to file upload, which allows attackers to take control of the target server...
CVE-2025-46080
HuoCMS V3.5.1 has a File Upload Vulnerability. An attacker can exploit this flaw to bypass whitelist restrictions and craft malicious files with specific suffixes, thereby gaining control of the server...
CVE-2025-46080
HuoCMS V3.5.1 has a File Upload Vulnerability. An attacker can exploit this flaw to bypass whitelist restrictions and craft malicious files with specific suffixes, thereby gaining control of the server...
CVE-2025-46078
HuoCMS V3.5.1 and before is vulnerable to file upload, which allows attackers to take control of the target server...
HuoCMS 安全漏洞
Suq HuoCMS is a modern content management system based on ThinkPHP6 and Vue3 developed by Nanjing Digital Flag Technology Suq Company in China. A security vulnerability exists in HuoCMS 3.5.1 and earlier versions, which stems from a file upload feature that could lead to server compromise...
CVE-2025-46080
CVE-2025-46080 concerns HuoCMS v3.5.1, where a file-upload vulnerability in the AttachmentController.php (editFileUrl) allows bypassing whitelist checks by manipulating the copy operation. The root cause is a suffix/filename handling gap: the new path suffix (suffix_url) can be crafted to evade t...
CVE-2025-46078
HuoCMS V3.5.1 and before is vulnerable to file upload, which allows attackers to take control of the target server...
PT-2025-23159 · Huocms · Huocms
Name of the Vulnerable Software and Affected Versions: HuoCMS versions 3.5.1 and earlier Description: The issue allows attackers to take control of the target server through file upload. Recommendations: For HuoCMS versions 3.5.1 and earlier, at the moment, there is no information about a newer...
CVE-2025-46080
HuoCMS V3.5.1 has a File Upload Vulnerability. An attacker can exploit this flaw to bypass whitelist restrictions and craft malicious files with specific suffixes, thereby gaining control of the server...
HuoCMS 安全漏洞
Suq HuoCMS is a modern content management system based on ThinkPHP6 and Vue3 developed by Nanjing Digital Flag Technology Suq Company in China. A security vulnerability exists in HuoCMS version 3.5.1, which stems from a file upload feature that may bypass whitelisting restrictions and lead to...
PT-2025-23160 · Huocms · Huocms
Name of the Vulnerable Software and Affected Versions: HuoCMS version 3.5.1 Description: The issue allows an attacker to exploit a flaw and bypass whitelist restrictions, enabling them to craft malicious files with specific suffixes and potentially gain control of the server. Recommendations: For...
CVE-2025-46080
HuoCMS V3.5.1 has a File Upload Vulnerability. An attacker can exploit this flaw to bypass whitelist restrictions and craft malicious files with specific suffixes, thereby gaining control of the server...
CVE-2025-46078
CVE-2025-46078 affects HuoCMS v3.5.1 and earlier. Several connected sources confirm a file-upload vulnerability that can lead to server compromise. The root cause described in the exploit details is an insecure upload pipeline (sliceUploadAndSave/Upload.php) allowing attacker-controlled parameter...