10 matches found
CVE-2026-48945
The K2 article gallery upload path accepts a zip/tar archive, extracts it under /media/k2/galleries//, and only renames image files gif/jpg/jpeg/png/webp to safe names — non-image files including .php are extracted as-is and remain executable via direct HTTP access...
EUVD-2026-39447
The K2 article gallery upload path accepts a zip/tar archive, extracts it under /media/k2/galleries//, and only renames image files gif/jpg/jpeg/png/webp to safe names — non-image files including .php are extracted as-is and remain executable via direct HTTP access...
CVE-2026-48945
The K2 article gallery upload path accepts a zip/tar archive, extracts it under /media/k2/galleries//, and only renames image files gif/jpg/jpeg/png/webp to safe names — non-image files including .php are extracted as-is and remain executable via direct HTTP access...
CVE-2026-48945
The CVE describes a vulnerability in the K2 Joomla extension (getk2.com) where the article gallery upload path accepts a zip/tar archive and extracts it to /media/k2/galleries//. The extractor renames image files (gif/jpg/jpeg/png/webp) to safe names, but non-image files (including .php) are extr...
📄 Django Summernote 0.8.20.0 Unrestricted File Upload Scanner
This Metasploit Auxiliary Scanner module detects unrestricted file upload vulnerabilities in django-summernote. It targets misconfigurations where image validation depends on the Pillow library and allows non-image files to be uploaded when Pillow is missing. The module safely scans common upload...
CVE-2022-37346
EC-CUBE plugin 'Product Image Bulk Upload Plugin' 1.0.0 and 4.1.0 contains an insufficient verification vulnerability when uploading files. Exploiting this vulnerability allows a remote unauthenticated attacker to upload arbitrary files other than image files. If a user with an administrative...
CVE-2017-10973
In FineCMS before 2017-07-06, application/lib/ajax/getimagedata.php has SSRF, related to requests for non-image files with a modified HTTP Host header...
Server side request forgery (ssrf)
In FineCMS before 2017-07-06, application/lib/ajax/getimagedata.php has SSRF, related to requests for non-image files with a modified HTTP Host header...
ImageShack Toolbar 4.5.7 - FileUploader Class InsecureMethod
ImageShack Toolbar 4.5.7 - FileUploader Class InsecureMethod suntzu.BuildSlideShow "file:///c:\xpwallpaperglass.jpg","Big",1,"uhuhinterestingprivatethings","Fade","White" suntzu.BuildSlideShow "file:///c:\boot.ini", "Big",1,"uhuhinterestingprivatethings...
Gallery 1.4.4 - Remote Server-Side Script Execution
source: https://www.securityfocus.com/bid/10968/info A vulnerability is reported to exist in Gallery that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue is a design error that occurs due to the 'settimelimit' function. The issue presents itself becuase...