PT-2023-22225 · Seacms · Seacms

Name of the Vulnerable Software and Affected Versions: SeaCMS version 11.6 Description: A problematic issue affects the Picture Upload Handler component, specifically the file member.php, where the manipulation of the oldpic argument leads to denial of service. The attack can be initiated remotel...

CVE-2021-34129

LaikeTui 3.5.0 allows remote authenticated users to delete arbitrary files, as demonstrated by deleting install.lock in order to reinstall the product in an attacker-controlled manner. This deletion is possible via directory traversal in the uploadImg, oldpic, or imgurl parameter...