2595 matches found
CVE-2022-39977
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the User module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point...
CVE-2022-39978
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the Product List module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point...
Privilege escalation
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the User module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point...
Privilege escalation
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the Product List module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point...
CVE-2022-39977
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the User module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point...
CVE-2022-39978
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the Product List module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point...
Privilege escalation
Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /useroperations/profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-41504
An arbitrary file upload vulnerability in the component /phpaction/editProductImage.php of Billing System Project v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-22246 Junos OS: PHP file inclusion vulnerability in J-Web
A PHP Local File Inclusion LFI vulnerability in the J-Web component of Juniper Networks Junos OS may allow a low-privileged authenticated attacker to execute an untrusted PHP file. By chaining this vulnerability with other unspecified vulnerabilities, and by circumventing existing attack...
CVE-2022-41504
An arbitrary file upload vulnerability in the component /phpaction/editProductImage.php of Billing System Project v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-41537
Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /useroperations/profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-41537
Online Tours & Travels Management System v1.0 is affected by CVE-2022-41537 due to an arbitrary file upload flaw in /user_operations/profile.php that enables remote code execution via a crafted PHP file. The vulnerability stems from an unvalidated file-upload input, allowing an attacker to upload...
CVE-2022-41504
An arbitrary file upload vulnerability in the component /phpaction/editProductImage.php of Billing System Project v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
Privilege escalation
An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of 74cmsSE v3.13.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-42154
An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of 74cmsSE v3.13.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-42154
An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of 74cmsSE v3.13.0 allows attackers to execute arbitrary code via a crafted PHP file...
PT-2022-5296 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 19.1R3-S9 Junos OS versions 19.2 prior to 19.2R3-S6 Junos OS versions 19.3 prior to 19.3R3-S6 Junos OS versions 19.4 prior to 19.4R2-S7 Junos OS versions 19.4 prior to 19.4R3-S8 Junos OS versions 20.1 prior to...
CVE-2022-41539
Wedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /admin/usersadd.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
Privilege escalation
Wedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /Wedding-Management-PHP/admin/photosadd.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-41539
Wedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /admin/usersadd.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...