34 matches found
CodeIgniter4 has a validation bypass when uploading file extensions via `ext_in` rule
Impact: The `ext_in` upload validation rule checked the MIME-derived guessed extension instead of the client-provided filename extension. As a result, an uploaded file named shell.php containing GIF-like content could pass validation such as:...
CVE-2026-46400
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 11.0.6 and prior to version 25.0.0, the file upload functionality in HAXCMS PHP only validates file extensions using a regex pattern without checking the actual file content or MIME type. This allows attacker...
EUVD-2026-27889
Vvveb before version 1.0.8.2 contains an authenticated remote code execution vulnerability in the admin code editor that allows low-privilege authenticated users to execute arbitrary code by exploiting insufficient file extension restrictions. Attackers with editor, author, contributor, or...
PT-2026-27364
PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...
CVE-2025-70151
CVE-2025-70151 affects code-projects Scholars Tracking System 1.0. An authenticated attacker can achieve remote code execution via unrestricted file upload: the endpoints update_profile_picture.php and upload_picture.php store uploaded files in web-accessible uploads/ using the original filename ...
CVE-2020-37091 Maian Support Helpdesk 4.3 - Cross-Site Request Forgery (Add Admin)
Maian Support Helpdesk 4.3 contains a cross-site request forgery vulnerability that allows attackers to create administrative accounts without authentication. Attackers can craft malicious HTML forms to add admin users and upload PHP files with unrestricted file upload capabilities through the FA...
CVE-2025-14894
Livewire Filemanager, commonly used in Laravel applications, contains LivewireFilemanagerComponent.php, which does not perform file type and MIME validation, allowing for RCE through upload of a malicious php file that can then be executed via the /storage/ URL if a commonly performed setup proce...
Livewire Filemanager security vulnerabilities
Livewire Filemanager is an open-source file management software developed by Livewire. There is a security vulnerability in Livewire Filemanager, which stems from the lack of file type and MIME validation in the LivewireFilemanagerComponent.php file. This vulnerability may allow remote code...
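The CodeIgniter4 `ext_in` entry and the Livewire Filemanager entries above describe two sides of the same mistake: validating either the content-derived extension or the client-supplied extension, but not both, and then storing the file under the name the client chose. The following is an added illustration written for this page; it is not code from CodeIgniter, HAX CMS or Livewire Filemanager. The MIME-to-extension table, the function names and the sample polyglot are assumptions, and it assumes the sniffer is libmagic via `finfo`, which keys on the leading magic bytes.

```php
<?php
declare(strict_types=1);

// Added illustration; this is not CodeIgniter, HAX CMS or Livewire Filemanager code. It
// reproduces the ext_in mistake described above (checking the extension guessed from
// the content instead of the one the file will be stored under) and a hardened check.

// Constructed sample: a GIF header followed by PHP code. libmagic keys on the leading
// magic bytes, so finfo reports image/gif (an assumption about the sniffer in use).
const POLYGLOT = "GIF89a<?php echo 'polyglot'; ?>";

$allowed = ['gif', 'jpg', 'png'];

// Hypothetical MIME -> extension table standing in for a framework's guess table.
function extensionFromContent(string $path): string
{
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($path) ?: 'application/octet-stream';
    $map  = ['image/gif' => 'gif', 'image/jpeg' => 'jpg', 'image/png' => 'png'];
    return $map[$mime] ?? '';
}

function extensionFromName(string $clientName): string
{
    return strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
}

// Vulnerable rule: only the sniffed extension is consulted, so shell.php passes and is
// later written to disk under the client-supplied name.
function extInVulnerable(string $path, array $allowed): bool
{
    return in_array(extensionFromContent($path), $allowed, true);
}

// Hardened rule: the extension of the name the file will actually carry must be on the
// allow list, and the sniffed content must agree with it. This also covers the
// name-only checks in the HAX CMS and Livewire entries, which skipped the content half.
function extInHardened(string $path, string $clientName, array $allowed): bool
{
    $ext = extensionFromName($clientName);
    return $ext !== ''
        && in_array($ext, $allowed, true)
        && extensionFromContent($path) === $ext;
}

// Never reuse the client's filename when storing: a random name carrying only the
// validated extension removes double-extension and path tricks (shell.php.gif, ../).
function storageName(string $validatedExt): string
{
    return bin2hex(random_bytes(16)) . '.' . $validatedExt;
}

$tmp = tempnam(sys_get_temp_dir(), 'upl');
file_put_contents($tmp, POLYGLOT);

foreach (['shell.php', 'avatar.gif', 'shell.php.gif'] as $clientName) {
    printf(
        "%-14s sniff-only: %-5s hardened: %s\n",
        $clientName,
        var_export(extInVulnerable($tmp, $allowed), true),
        var_export(extInHardened($tmp, $clientName, $allowed), true)
    );
}
if (extInHardened($tmp, 'avatar.gif', $allowed)) {
    echo 'would store as ', storageName('gif'), PHP_EOL;
}
unlink($tmp);
```

The sniff-only rule accepts shell.php because the sniffer sees a GIF; the hardened rule rejects it because the client extension is not on the allow list. Note that shell.php.gif passes the hardened rule (its last extension is gif and the content is a GIF), which is why the generated storage name matters: whether such a file is ever executed depends on the web server's handler mapping, so the upload directory should also be served without script execution.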
CVE-2022-50898
NanoCMS 0.4 is affected by an authenticated file upload vulnerability that enables remote code execution through the page content creation feature. The root cause is lack of input sanitization when uploading PHP files to the server’s pages directory, which can be exploited after authentication. R...
CVE-2020-10806
eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration permits only app.php...
EUVD-2023-60196
phpfm 1.7.9 contains an authentication bypass vulnerability that allows attackers to log in by exploiting loose type comparison in password hash validation. Attackers can craft specific password hashes beginning with 0e or 00e to bypass authentication and upload malicious PHP files to the server...
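The phpfm entry above relies on PHP's loose `==` on two "magic hash" strings. The block below is an added illustration, not phpfm's code; the stored digest (md5 of "QNKCDZO") and the candidate password "240610708" are well-known values whose MD5 digests are "0e" followed only by digits, so PHP compares them as the number zero.

```php
<?php
declare(strict_types=1);

// Added illustration; this is not phpfm's code. It shows the loose-comparison flaw
// described above and the byte-exact comparison that closes it.

// A well-known input whose MD5 digest is "0e" followed only by digits. PHP reads such
// a string as numeric (0 * 10^n), so == treats any two of them as equal, and the same
// holds for "00e..." forms with leading zeros.
const STORED_HASH = '0e830400451993494058024219903391'; // md5('QNKCDZO')

function loginLoose(string $storedHash, string $password): bool
{
    return md5($password) == $storedHash;   // vulnerable: numeric-string comparison
}

function loginStrict(string $storedHash, string $password): bool
{
    return hash_equals($storedHash, md5($password)); // byte-for-byte, constant time
}

// '240610708' hashes to 0e462097431906509019562988736854, another all-digit 0e form.
foreach (['240610708', 'wrong-password'] as $candidate) {
    printf(
        "%-15s loose: %-5s strict: %s\n",
        $candidate,
        var_export(loginLoose(STORED_HASH, $candidate), true),
        var_export(loginStrict(STORED_HASH, $candidate), true)
    );
}
```

`hash_equals` fixes the comparison; for actual password storage the right replacement is `password_hash()` with `password_verify()`, which never exposes a raw digest to `==` in the first place.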
CVE-2020-36877 ReQuest Serious Play F3 Media Server <= 7.0.3 code execution
ReQuest Serious Play F3 Media Server 7.0.3 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands as the web server user. Attackers can upload PHP executable files via the Quick File Uploader page, resulting in remote code execution on...
EUVD-2021-27286
Malware in sbrugna...
CVE-2025-10009
Incorrect handling of uploaded files in the admin "Restore" function in Invoice Ninja <= 5.11.72 allows attackers with admin credentials to execute arbitrary code on the server via uploaded .php files...
CVE-2024-7863
The Favicon Generator CLOSED WordPress plugin before 2.1 does not validate files to be uploaded and does not have CSRF checks, which could allow attackers to make logged in admin upload arbitrary files such as PHP on the server...
WordPress plugin Favicon Generator security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP that supports setting up personal blog sites on servers with PHP and MySQL. A WordPress plugin is an application plug-in. A security...
CVE-2024-7031
The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'njtfssaveSettingRestrictions' function in all versions up to, and including, 1.8.2. This makes it possible for authenticated attackers, with a role tha...
CVE-2024-5450
The Bug Library WordPress plugin before 2.1.1 does not check the file type on user-submitted bug reports, allowing an unauthenticated user to upload PHP files...