10 matches found
EUVD-2025-7211
Malicious code in bioql PyPI...
CVE-2025-2607
A vulnerability was found in phplaozhang LzCMS-LaoZhangBoKeXiTong up to 1.1.4. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/upload/upimage.html of the component HTTP POST Request Handler. The manipulation of the argument File leads to...
CVE-2025-2607
A vulnerability was found in phplaozhang LzCMS-LaoZhangBoKeXiTong up to 1.1.4. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/upload/upimage.html of the component HTTP POST Request Handler. The manipulation of the argument File leads to...
CVE-2025-2607
A vulnerability was found in phplaozhang LzCMS-LaoZhangBoKeXiTong up to 1.1.4. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/upload/upimage.html of the component HTTP POST Request Handler. The manipulation of the argument File leads to...
CVE-2025-2607 phplaozhang LzCMS-LaoZhangBoKeXiTong HTTP POST Request upimage.html unrestricted upload
A vulnerability was found in phplaozhang LzCMS-LaoZhangBoKeXiTong up to 1.1.4. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/upload/upimage.html of the component HTTP POST Request Handler. The manipulation of the argument File leads to...
CVE-2025-2607
The CVE-2025-2607 entry concerns phplaozhang LzCMS-LaoZhangBoKeXiTong up to version 1.1.4. The vulnerability occurs in the HTTP POST Request Handler for the file /admin/upload/upimage.html, where manipulation of the File argument enables unrestricted file upload. Exploitation is described as remo...
CVE-2025-2607 phplaozhang LzCMS-LaoZhangBoKeXiTong HTTP POST Request upimage.html unrestricted upload
A vulnerability was found in phplaozhang LzCMS-LaoZhangBoKeXiTong up to 1.1.4. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/upload/upimage.html of the component HTTP POST Request Handler. The manipulation of the argument File leads to...
File Upload Vulnerability in LzCMS Content Management System
LzCMS is a simple blog system developed with ThinkPHP+layui. A file upload vulnerability exists in the LzCMS content management system, which can be used by attackers to gain server privileges...
Command Execution Vulnerability in LzCMS Content Management System Backend
LzCMS is a simple blog system made by ThinkPHP+layui. A command execution vulnerability exists in the backend of LzCMS content management system. Attackers can use this vulnerability to upload Trojan horse files and obtain webshell...
Code Execution Vulnerability in LzCMS v1.1.4
LzCMS Lao Zhang Content Management System is a simple blog system made by ThinkPHP+layui. A code execution vulnerability exists in LzCMS v1.1.4, which is due to the system failing to effectively filter data written to cache files. Attackers can use this vulnerability to upload Trojan horse files...