CVE-2018-25412

Delta Sql 1.8.2 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to docsupload.php with crafted multipart form data. Attackers can upload PHP files with arbitrary content to the upload directory and execute th...

CVE-2026-42879

FacturaScripts is an open source accounting and invoicing software. In 2025.81 and earlier, an authenticated unrestricted file upload vulnerability exists in FacturaScripts' product image upload functionality. An attacker with valid credentials can upload a PHP file disguised as a GIF image using...

Ninja Forms Uploads - Unauthenticated PHP File Upload

Exploit Title: Ninja Forms Uploads - Unauthenticated PHP File Upload Date: 2026-04-09 Exploit Author: Sélim Lanouar @whattheslime Vendor Homepage: https://ninjaforms.com/ Software Link: https://ninjaforms.com/extensions/file-uploads/ Version: 3.3.24 Tested on: WordPress 6.9.3 on Apache and Nginx...

CVE-2021-47943

TextPattern CMS 4.8.7 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by uploading malicious PHP files through the file upload functionality. Attackers can upload a PHP shell via the Files section in the content area and execute...

CVE-2025-67886

Bitrix24 through 25.100.300 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privileged...

CVE-2025-67887

1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privilege...

CVE-2025-67887

1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privilege...

FacturaScripts Vulnerable to Authenticated Remote Code Execution (RCE) via GIF Image Upload in Product Images

CVE-2026-42879 - FacturaScripts - Authenticated Unrestricted File Upload via MIME Type Bypass Summary An authenticated unrestricted file upload vulnerability exists in FacturaScripts' product image upload functionality. An attacker with valid credentials can upload a PHP file disguised as a GIF...

GHSA-VF3Q-FRMR-VRR9 FacturaScripts Vulnerable to Authenticated Remote Code Execution (RCE) via GIF Image Upload in Product Images

CVE-2026-42879 - FacturaScripts - Authenticated Unrestricted File Upload via MIME Type Bypass Summary An authenticated unrestricted file upload vulnerability exists in FacturaScripts' product image upload functionality. An attacker with valid credentials can upload a PHP file disguised as a GIF...

CVE-2026-41587 CI4MS: Unrestricted PHP File Upload via Theme Installation Leads to Authenticated Remote Code Execution

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. From version 0.26.0.0 to before version 0.31.7.0, a theme upload feature allows any authenticated backend user with theme-upload permission to achieve remo...

WordPress plugin Drag and Drop File Upload for Contact Form 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

PT-2026-30482

UniSharp Laravel File Manager v2.0.0-alpha7 and v2.0 contain an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by sending multipart form data to the upload endpoint. Attackers can upload PHP files with the type parameter set to Files and execute...

CVE-2026-4809

Brand-new CVE entry CVE-2026-4809 affects plank/laravel-mediable up to version 6.4.0. In vulnerable configurations that accept a client-supplied MIME type during file upload, an attacker can submit a file containing executable PHP code while declaring a benign image MIME type, enabling arbitrary ...

CVE-2026-4809 Unsafe Client MIME Type Handling Can Enable Arbitrary File Upload in plank/laravel-mediable

plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can submit a file containing executable PHP code while...

CVE-2025-70151

code-projects Scholars Tracking System 1.0 allows an authenticated attacker to achieve remote code execution via unrestricted file upload. The endpoints updateprofilepicture.php and uploadpicture.php store uploaded files in a web-accessible uploads/ directory using the original, user-supplied...

CVE-2025-65875

An arbitrary file upload vulnerability in the AddFont function of FPDF v1.86 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file...

CVE-2020-37084 School ERP Pro 1.0 Admin Profile Photo Upload Remote Code Execution Vulnerability

School ERP Pro 1.0 contains a remote code execution vulnerability that allows authenticated admin users to upload arbitrary PHP files as profile photos by bypassing file extension checks. Attackers can exploit improper file validation in pre-editstudent.inc.php to execute arbitrary code on the...

CVE-2020-37091 Maian Support Helpdesk 4.3 - Cross-Site Request Forgery (Add Admin)

Maian Support Helpdesk 4.3 contains a cross-site request forgery vulnerability that allows attackers to create administrative accounts without authentication. Attackers can craft malicious HTML forms to add admin users and upload PHP files with unrestricted file upload capabilities through the FA...

PT-2026-5841

Name of the Vulnerable Software and Affected Versions Maian Support Helpdesk version 4.3 Description The software contains a cross-site request forgery condition that permits attackers to create administrative accounts without needing to authenticate. Attackers can construct malicious HTML forms ...

Livewire Filemanager contains an insecure .php component that allows for unauthenticated RCE in Laravel Products

Overview A vulnerability, tracked as CVE-2025-14894, has been discovered within Livewire Filemanager, a tool designed for usage within Laravel applications. The Livewire Filemanager tool allows for users to upload various files, including PHP files, and host them within the Laravel application...