CVE-2022-25495

The component /jqueryfileupload/server/php/index.php of CuppaCMS v1.0 allows attackers to upload arbitrary files and execute arbitrary code via a crafted PHP file...

CVE-2015-7339

JCE Joomla Component 2.5.0 to 2.5.2 allows arbitrary file upload via a .php file extension for an image file to the /comjce/editor/libraries/classes/browser.php script...

CVE-2011-5083

Unrestricted file upload vulnerability in inc/swf/swfupload.swf in Dotclear 2.3.1 and 2.4.2 allows remote attackers to execute arbitrary code by uploading a file with an executable PHP extension, then accessing it via a direct request to the file in an unspecified directory...

CVE-2025-29411

An arbitrary file upload vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

CVE-2025-29401

An arbitrary file upload vulnerability in the component /views/plugin.php of emlog pro v2.5.7 allows attackers to execute arbitrary code via uploading a crafted PHP file...

CVE-2022-48006

An arbitrary file upload vulnerability in taocms v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is exploited via manipulation of the upext variable at /include/Model/Upload.php...

CVE-2022-42154

An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of 74cmsSE v3.13.0 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-32420

College Management System v1.0 was discovered to contain a remote code execution RCE vulnerability via /College/admin/teacher.php. This vulnerability is exploited via a crafted PHP file...