EUVD-2019-20000

PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...

CVE-2023-4988

A vulnerability, which was classified as problematic, was found in Bettershop LaikeTui. This affects an unknown part of the file index.php?module=system=uploadImg. The manipulation of the argument imgFile leads to unrestricted upload. It is possible to initiate the attack remotely. This product...

CVE-2025-14522

A vulnerability was detected in baowzh hfly up to 638ff9abe9078bc977c132b37acbe1900b63491c. The impacted element is an unknown function of the file /Public/Kindeditor/php/uploadjson.php. Performing manipulation of the argument imgFile results in unrestricted upload. It is possible to initiate the...

phpwcms 代码问题漏洞

phpwcms is an open source web content management system from slackero open source. It is fast, easy to install and can run on any standard web server platform that supports PHP/MySQL. A code issue vulnerability exists in phpwcms 1.9.45 and 1.10.8 and earlier versions, which stems from an incorrec...

youkefu 代码问题漏洞

youkefu is a customer service support application by the individual developer zhangyanbo2007. A code issue vulnerability exists in youkefu 4.2.0 and earlier versions, which originates from the file youkefu-mastersrcmainjavacomukefuwebimwebhandler. Mishandling of the parameter imgFile in...