Lucene search
K

6 matches found

HackRead
HackRead
added 2025/12/11 5:12 p.m.7 views

Malicious Visual Studio Code Extensions Hide Trojan in Fake PNG Files

VS Code developers beware: ReversingLabs found 19 malicious extensions hiding trojans inside a popular dependency, disguising the final malware payload as a standard PNG image file...

7.1AI score
Exploits0
CNNVD
CNNVD
added 2025/05/28 12:0 a.m.5 views

SourceCodester Web-based Pharmacy Product Management System 代码问题漏洞

SourceCodester Web-based Pharmacy Product Management System is a SourceCodester open source web-based pharmacy product management system. A security vulnerability exists in SourceCodester Web-based Pharmacy Product Management System v.1.0, which originates in the file upload functionality and cou...

8.6CVSS6.8AI score0.00427EPSS
Exploits1References4
CVE
CVE
added 2025/05/28 12:0 a.m.62 views

CVE-2025-45997

CVE-2025-45997 affects Sourcecodester Web-based Pharmacy Product Management System v1.0. The issue is in the file upload feature: an attacker can upload a PHP file disguised as an image by tampering the Content-Type header to image/jpg, potentially enabling remote code execution on the server. Th...

8.6CVSS7AI score0.00427EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2023/11/14 12:0 a.m.5 views

Statamic Security Breach

Statamic is a powerful flat file Cms built on Laravel by Statamic USA. used to store all content, templates, assets and settings in files instead of a database. A security vulnerability exists in Statamic that stems from the possibility of uploading certain additional PHP files that look like...

8.8CVSS7.1AI score0.01104EPSS
Exploits0References3
NVD
NVD
added 2023/11/10 7:15 p.m.38 views

CVE-2023-47129

Statmic is a core Laravel content management system Composer package. Prior to versions 3.4.13 and 4.33.0, on front-end forms with an asset upload field, PHP files crafted to look like images may be uploaded. This only affects forms using the "Forms" feature and not just any arbitrary form. This...

9.8CVSS0.01121EPSS
Exploits0References3
Prion
Prion
added 2022/04/26 7:15 p.m.18 views

Input validation

Insufficient script validation of the admin page enables XSS, which causes unauthorized users to steal admin privileges. When uploading file in a specific menu, the verification of the files is insufficient. It allows remote attackers to upload arbitrary files disguising them as image files...

4.3CVSS6.3AI score0.0073EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder