861 matches found
CVE-2025-41734
An unauthenticated remote attacker can execute arbitrary php files and gain full access of the affected devices...
CVE-2025-63748
QaTraq 6.9.2 allows authenticated users to upload arbitrary files via the "Add Attachment" feature in the "Test Script" module. The application fails to restrict file types, enabling the upload of executable PHP files. Once uploaded, the file can be accessed through the "View Attachment" option,...
CVE-2025-63748
QaTraq 6.9.2 allows authenticated users to upload arbitrary files via the "Add Attachment" feature in the "Test Script" module. The application fails to restrict file types, enabling the upload of executable PHP files. Once uploaded, the file can be accessed through the "View Attachment" option,...
CVE-2025-63748
QaTraq 6.9.2 allows authenticated users to upload arbitrary files via the "Add Attachment" feature in the "Test Script" module. The application fails to restrict file types, enabling the upload of executable PHP files. Once uploaded, the file can be accessed through the "View Attachment" option,...
PT-2025-44935
Name of the Vulnerable Software and Affected Versions Elegance Menu versions prior to 2.0 Description The Elegance Menu plugin for WordPress is susceptible to Local File Inclusion in versions up to and including 1.9. An authenticated attacker with Contributor-level access or higher can exploit th...
CVE-2025-60500
QDocs Smart School Management System 7.1 allows authenticated users with roles such as "accountant" or "admin" to bypass file type restrictions in the media upload feature by abusing the alternate YouTube URL option. This logic flaw permits uploading of arbitrary PHP files, which are stored in a...
CVE-2025-60500
QDocs Smart School Management System 7.1 contains a logic flaw in the media upload feature that lets authenticated users with roles such as accountant or admin bypass file type restrictions by abusing the alternate YouTube URL option. This enables uploading arbitrary PHP files that are stored in ...
CVE-2025-11722 Category and Products Accordion Panel <= 1.0 - Authenticated (Contributor+) Local File Inclusion
The Woocommerce Category and Products Accordion Panel plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0 via the 'categoryaccordionpanel' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to...
EUVD-2021-25772
Malware in sbrugna...
EUVD-2007-2019
Malware in sbrugna...
EUVD-2011-3677
Malware in sbrugna...
EUVD-2012-1009
Malware in sbrugna...
EUVD-2011-3777
Malware in sbrugna...
EUVD-2007-4592
Malware in sbrugna...
EUVD-2005-4807
Malware in sbrugna...
EUVD-2005-2434
Malware in sbrugna...
EUVD-2012-6362
Malware in sbrugna...
EUVD-2011-3661
Malware in sbrugna...
EUVD-2006-4781
Malware in sbrugna...
EUVD-2011-3720
Malware in sbrugna...