Lucene search
K

13 matches found

ATTACKERKB
ATTACKERKB
added 2026/01/22 12:0 a.m.2 views

CVE-2025-69828

File Upload vulnerability in TMS Global Software TMS Management Console v.6.3.7.27386.20250818 allows a remote attacker to execute arbitrary code via the Logo upload in /Customer/AddEdit...

10CVSS6AI score0.00486EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-43249

Malicious code in bioql PyPI...

7.8CVSS7.5AI score0.00623EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-43248

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00224EPSS
Exploits0References2
OSV
OSV
added 2025/05/18 10:15 p.m.5 views

CVE-2025-4898

A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as critical. This vulnerability affects the function unlink of the file updatesystem.php of the component Logo File Handler. The manipulation of the argument oldlogo leads to path traversal. The...

5.4CVSS5.5AI score0.00461EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/05/18 12:0 a.m.6 views

PT-2025-21866 · Sourcecodester · Sourcecodester Student Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Student Result Management System version 1.0 Description: A critical issue has been identified, affecting the unlink function of the update system.php file in the Logo File Handler component. The manipulation of the old logo...

5.5CVSS5.4AI score0.00461EPSS
Exploits0References9
NVD
NVD
added 2023/12/06 4:15 p.m.21 views

CVE-2023-39538

AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a BMP Logo file with dangerous type by Local access. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability...

7.8CVSS0.00224EPSS
Exploits0References2
CVE
CVE
added 2023/12/06 3:17 p.m.90 views

CVE-2023-39538

CVE-2023-39538 concerns AMI AptioV BIOS where an attacker with local access can trigger an unrestricted upload of a BMP Logo file deemed dangerous, potentially affecting confidentiality, integrity, and availability. The vulnerability stems from BMP logo handling in AMI AptioV BIOS and has been di...

7.8CVSS7.5AI score0.00224EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/12/06 3:17 p.m.27 views

CVE-2023-39538 Failure when uploading a Logo image file

AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a BMP Logo file with dangerous type by Local access. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability...

7.5CVSS7.8AI score0.00224EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/12/06 3:15 p.m.15 views

CVE-2023-39539 Failure when uploading a Logo image file

AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a PNG Logo file with dangerous type by Local access. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability...

7.5CVSS6.8AI score0.00623EPSS
Exploits0References3
Prion
Prion
added 2019/08/05 12:15 p.m.13 views

Path traversal

The api/admin/logoupload Logo File upload feature in EMCA Energy Logserver 6.1.2 allows attackers to send any kind of file to any location on the server via path traversal in the filename parameter...

5CVSS7.5AI score0.02446EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2019/08/05 11:30 a.m.24 views

CVE-2019-14521

The api/admin/logoupload Logo File upload feature in EMCA Energy Logserver 6.1.2 allows attackers to send any kind of file to any location on the server via path traversal in the filename parameter...

7.6AI score0.02446EPSS
Exploits1References4
0day.today
0day.today
added 2018/10/28 12:0 a.m.290 views

Webiness Inventory 2.9 Shell Upload Exploit

Exploit for php platform in category web applications Exploit Title: Webiness Inventory 2.9 Arbitrary File Upload Exploit Author: Boumediene KADDOUR Unit: Algerie Telecom R&D Unit Software Link: https://github.com/webiness/webinessinventory Version: 2.9 46 foreach $FILES as $file 47 $fileName =...

7.4AI score
Exploits0
NVD
NVD
added 2008/04/15 5:5 p.m.20 views

CVE-2008-1790

Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the "Manage Settings" functionality. NOTE: remote exploitation is facilitated by a separate SQL injection vulnerability...

6.5CVSS7.2AI score0.01084EPSS
Exploits0References6
Rows per page
Query Builder