5 matches found
CVE-2025-14583
A flaw has been found in campcodes Online Student Enrollment System 1.0. This impacts an unknown function of the file /admin/register.php. Executing a manipulation of the argument photo can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published and may be...
EUVD-2005-0777
Malware in sbrugna...
Mail.ru: Подмена фотографий автомобиля [city-mobil.ru/taxiserv/]
Possibility to change the photo at external-storage.city-mobil.ru by controlling the parameter photourl and id on city-mobil.ru/taxiserv/...
Zomato: CSRF To Like/Unlike Photos
Description: There is a CSRF vulnerability allowing an attacker to trick a user into visiting his/her site and to forge a request to zomato.com that will in turn like or unlike the photos of the attacker's choosing. The vulnerable page is https://www.zomato.com/php/photoViewerActionsHandler.php ,...
CVE-2005-0776
adm-photo.php in PhotoPost PHP 5.0 RC3 does not properly verify administrative privileges before manipulating photos, which could allow remote attackers to manipulate other users' photos...