CVE-2025-10009 Authenticated admin RCE in Invoice Ninja
Incorrect handling of uploaded files in the admin "Restore" function in Invoice Ninja = 5.11.72 allows attackers with admin credentials to execute arbitrary code on the server via uploaded .php files...
CVE-2025-58449
Maho is a free and open source ecommerce platform. In Maho prior to 25.9.0, an authenticated staff user with access to the Dashboard and Catalog\Manage Products permissions can create a custom option on a listing with a file input field. By allowing file uploads with a .php extension, the user ca...
Linux Distros Unpatched Vulnerability : CVE-2017-17898
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dolibarr ERP/CRM version 6.0.4 does not block direct requests to .tpl.php files, which allows remote attackers to obtain sensitive information. CVE-2017-17898...
Linux Distros Unpatched Vulnerability : CVE-2018-14028
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In WordPress 4.9.7, plugins uploaded via the admin area are not verified as being ZIP files. This allows for PHP files to be uploaded. Once a PHP file is...
Linux Distros Unpatched Vulnerability : CVE-2019-8937
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mesefine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and...
CVE-2025-8142 Soledad <= 8.6.7 - Authenticated (Contributor+) Local File Inclusion via 'header_layout'
The Soledad theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.6.7 via the 'header_layout' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the serve...
PT-2025-31995 · Dell · Dell Kace K1000 System Management Appliance
Name of the Vulnerable Software and Affected Versions: Dell KACE K1000 System Management Appliance versions 5.0 through 5.3 Dell KACE K1000 System Management Appliance versions 5.4 prior to 5.4.76849 Dell KACE K1000 System Management Appliance versions 5.5 prior to 5.5.90547 Description: An...
CVE-2013-10055
An unauthenticated arbitrary file upload vulnerability exists in Havalite CMS version 1.1.7 and possibly earlier in the upload.php script. The application fails to enforce proper file extension validation and authentication checks, allowing remote attackers to upload malicious PHP files via a...
simogeo/filemanager arbitrary file upload vulnerability
An arbitrary file upload vulnerability in the isallowedfiletype function of Filemanager v2.3.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...
PT-2025-28334 · WordPress · Widgets For Google Reviews
Name of the Vulnerable Software and Affected Versions: The Widget for Google Reviews plugin for WordPress versions up to, and including, 1.0.15 Description: The issue allows authenticated attackers with Subscriber-level access and above to include and execute arbitrary PHP files on the server via...
Tiki Wiki CMS Groupware 28.3 Server-Side Template Injection
Tiki Wiki CMS Groupware versions 28.3 and below suffer from two server-side template injection vulnerabilities via specially crafted wiki pages. The second vulnerability can be leveraged ...
PT-2025-28216 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.3 Description: A Cross-Site Scripting XSS Injection issue was found in WeGIA, a web manager for charitable institutions. The vulnerability is located in the novo memorando.php file. When a memo is submitted, the...
CVE-2025-52562
Convoy CVE-2025-52562 describes an unauthenticated directory traversal vulnerability in the LocaleController affecting Convoy versions 3.9.0-rc3 through 4.4.0. Exploitation allows including and executing arbitrary PHP files on the server. The issue has been patched in version 4.4.1; a temporary w...
CVE-2025-4954
The Axle Demo Importer WordPress plugin through 1.0.3 does not validate files to be uploaded, which could allow authenticated users author and above to upload arbitrary files such as PHP on the server...
CVE-2025-22152
Atheos is a self-hosted browser-based cloud IDE. Prior to v600, the $path and $target parameters are not properly validated across multiple components, allowing an attacker to read, modify, or execute arbitrary files on the server. These vulnerabilities can be exploited through various attack...
CVE-2024-24496
An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the home.php, add-tracker.php, delete-tracker.php, update-tracker.php components...
CVE-2024-5807
The Business Card WordPress plugin through 1.0.0 does not prevent high privilege users like administrators from uploading malicious PHP files, which could allow them to run arbitrary code on servers hosting their site, even in MultiSite configurations...
CVE-2024-30162
Invision Community through 4.7.16 allows remote code execution via the applications/core/modules/admin/editor/toolbar.php IPS\core\modules\admin\editor\toolbar::addPlugin method. This method handles uploaded ZIP files that are extracted into the...
CVE-2023-32528
Trend Micro Mobile Security Enterprise 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
CVE-2023-23565
An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to retrieve PHP files from the server via Local File Inclusion...