4 matches found
TMS Management Console security vulnerabilities
TMS Management Console is a management console software developed by the American company TMS. Version 6.3.7.27386.20250818 of TMS Management Console contains a security vulnerability. This vulnerability stems from the Logo upload function in the /Customer/AddEdit section, which has a file upload...
CVE-2025-15262
A security flaw has been discovered in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/edit.php of the component Site Logo Handler. Performing a manipulation of the argument image results in unrestricted upload. Remote exploitation of the attack is possible. The...
CVE-2021-24663
The Simple Schools Staff Directory WordPress plugin through 1.1 does not validate uploaded logo pictures to ensure that are indeed images, allowing high privilege users such as admin to upload arbitrary file like PHP, leading to RCE...
Cybozu Remote Service Arbitrary File Upload Vulnerability
Cybozu Remote Service is Cybozu's remote service management software for accessing Cybozu's internal systems. A security vulnerability exists in the logo setting page in Cybozu Remote Service versions 3.0.0 through 3.1.0. The vulnerability can be exploited to execute arbitrary Java code on the...