40 matches found
CVE-2026-7107
A weakness has been identified in code-projects Invoice System in Laravel 1.0. The impacted element is an unknown function of the file /company. Manipulation of the argument logo causes unrestricted upload. The attack can be carried out remotely. The exploit has been made availabl...
CVE-2026-7107 code-projects Invoice System in Laravel company unrestricted upload
A weakness has been identified in code-projects Invoice System in Laravel 1.0. The impacted element is an unknown function of the file /company. Manipulation of the argument logo causes unrestricted upload. The attack can be carried out remotely. The exploit has been made availabl...
CVE-2026-7107
Technical details about CVE-2026-7107 are not publicly available in the provided documents. Monitor for updates from official advisories.
PT-2026-35380
A weakness has been identified in code-projects Invoice System in Laravel 1.0. The impacted element is an unknown function of the file /company. Manipulation of the argument logo causes unrestricted upload. The attack can be carried out remotely. The exploit has been made availabl...
CVE-2025-41084
Stored Cross-Site Scripting (XSS) vulnerability in Sesame web application, due to the fact that uploaded SVG images are not properly sanitized. This allows attackers to embed malicious scripts in SVG files by sending a POST request using the 'logo' parameter in '/api/v3/companies//logo', which are...
EUVD-2017-8882
Malware in sbrugna...
EUVD-2006-4491
Malware in sbrugna...
EUVD-2022-37046
Malicious code in bioql PyPI...
CVE-2017-17730
DedeCMS through 5.7 has SQL Injection via the logo parameter to plus/flinkadd.php...
BIT-JOOMLA-2021-26030 [20210401] - Core - Escape xss in logo parameter error pages
An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error page...
CVE-2024-35552
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMovedeal.php?mudi=del&dataType=logo&dataTypeCN...
CVE-2024-4809
A vulnerability has been found in SourceCodester Open Source Clinic Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file setting.php. The manipulation of the argument logo leads to unrestricted upload. The attack can be launched...
Open Source Clinic Management System code issue vulnerability
BigProf Online Clinic Management System is an online clinic management system from BigProf, Inc. A code issue vulnerability exists in Open Source Clinic Management System version 1.0, which stems from the parameter logo in the file setting.php that can lead to unrestricted uploads...
PT-2024-32987 · Sourcecodester · Sourcecodester Open Source Clinic Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Open Source Clinic Management System version 1.0 Description: A critical issue has been found in the SourceCodester Open Source Clinic Management System, affecting an unknown functionality of the file setting.php. The...
CVE-2022-34013
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the Logo parameter under the Link module...
Server-side request forgery (SSRF)
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the Logo parameter under the Link module...