Lucene search

44 matches found

RedhatCVE
added 2026/04/13 7:23 p.m. · 2 views

CVE-2026-33704

Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user including students can write arbitrary content to files on the server via the BigUpload endpoint. The key parameter controls the filename and the raw POST body becomes the file content. While .php extensions are...

CVSS 8.8 · AI score 6 · EPSS 0.00305
Exploits 0 · References 1
NVD
added 2026/04/10 7:16 p.m. · 1 view

CVE-2026-33704

Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user including students can write arbitrary content to files on the server via the BigUpload endpoint. The key parameter controls the filename and the raw POST body becomes the file content. While .php extensions are...

CVSS 8.8 · EPSS 0.00305
Exploits 0 · References 2
Cvelist
added 2026/04/10 6:30 p.m. · 14 views

CVE-2026-33704 Chamilo LMS Affected by Authenticated Arbitrary File Write via BigUpload endpoint

Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user including students can write arbitrary content to files on the server via the BigUpload endpoint. The key parameter controls the filename and the raw POST body becomes the file content. While .php extensions are...

CVSS 7.1 · EPSS 0.00305
Exploits 0 · References 2
ATTACKERKB
added 2026/04/10 6:30 p.m. · 0 views

CVE-2026-33704

Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user including students can write arbitrary content to files on the server via the BigUpload endpoint. The key parameter controls the filename and the raw POST body becomes the file content. While .php extensions are...

CVSS 7.1 · AI score 6 · EPSS 0.00305
Exploits 0 · References 3 · Affected Software 1
CVE
added 2026/04/10 6:30 p.m. · 3 views

CVE-2026-33704

CVE-2026-33704 affects Chamilo LMS prior to version 1.11.38. An authenticated user (including students) can use the BigUpload endpoint to write arbitrary content to server files: the key parameter selects the filename and the raw POST body becomes the file contents. Although .php extensions are f...

CVSS 8.8 · AI score 6 · EPSS 0.00305
Exploits 0 · References 2 · Affected Software 1
EUVD
added 2026/04/10 6:30 p.m. · 0 views

EUVD-2026-21555

Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user including students can write arbitrary content to files on the server via the BigUpload endpoint. The key parameter controls the filename and the raw POST body becomes the file content. While .php extensions are...

CVSS 7.1 · AI score 6 · EPSS 0.00305
Exploits 0 · References 2
Vulnrichment
added 2026/04/10 6:30 p.m. · 0 views

CVE-2026-33704 Chamilo LMS Affected by Authenticated Arbitrary File Write via BigUpload endpoint

Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user including students can write arbitrary content to files on the server via the BigUpload endpoint. The key parameter controls the filename and the raw POST body becomes the file content. While .php extensions are...

CVSS 7.1 · AI score 6 · EPSS 0.00305
Exploits 0 · References 2
Positive Technologies
added 2026/04/10 12:0 a.m. · 1 view

PT-2026-32019

Name of the Vulnerable Software and Affected Versions: Chamilo LMS versions prior to 1.11.38. Description: Chamilo LMS is a learning management system. Authenticated users, including students, can write arbitrary content to files on the server through the BigUpload endpoint. The key parameter contro...

CVSS 7.1 · AI score 6 · EPSS 0.00305
Exploits 0 · References 5
Cvelist
added 2026/01/13 10:51 p.m. · 19 views

CVE-2022-50912 ImpressCMS 1.4.4 - Unrestricted File Upload

ImpressCMS 1.4.4 contains a file upload vulnerability with weak extension sanitization that allows attackers to upload potentially malicious files. Attackers can bypass file upload restrictions by using alternative file extensions (.php2, .php6, .php7, .phps, .pht) to execute arbitrary PHP code on the serv...

CVSS 9.8 · EPSS 0.00256
Exploits 1 · References 4
RedhatCVE
added 2026/01/09 9:52 a.m. · 7 views

CVE-2020-10228

A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution...

CVSS 8.8 · AI score 7.3 · EPSS 0.0681
Exploits 2 · References 1
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-3781

Malicious code in bioql PyPI...

CVSS 8.8 · AI score 8.7 · EPSS 0.03536
Exploits 1 · References 7
EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2025-12020

Malicious code in bioql PyPI...

CVSS 7.1 · AI score 7.7 · EPSS 0.00083
Exploits 0 · References 2
Tenable Nessus
added 2025/09/10 12:0 a.m. · 2 views

Linux Distros Unpatched Vulnerability : CVE-2020-14209

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dolibarr before 11.0.5 allows low-privilege users to upload files of dangerous types, leading to arbitrary code execution. This occurs because .pht and .phar...

CVSS 8.8 · AI score 8 · EPSS 0.10166
Exploits 4 · References 2
RedhatCVE
added 2025/04/26 5:14 p.m. · 12 views

CVE-2025-46492

Cross-Site Request Forgery (CSRF) vulnerability in Pham Thanh Call Now PHT Blog call-now-coccoc-pht-blog allows Stored XSS. This issue affects Call Now PHT Blog: from n/a through = 2.4.1...

CVSS 7.1 · AI score 7.2 · EPSS 0.00083
Exploits 0 · References 1
NVD
added 2025/04/24 4:15 p.m. · 8 views

CVE-2025-46492

Cross-Site Request Forgery (CSRF) vulnerability in Pham Thanh Call Now PHT Blog call-now-coccoc-pht-blog allows Stored XSS. This issue affects Call Now PHT Blog: from n/a through = 2.4.1...

CVSS 7.1 · EPSS 0.00083
Exploits 0 · References 1
CVE
added 2025/04/24 4:8 p.m. · 41 views

CVE-2025-46492

CVE-2025-46492 describes a CSRF to Stored XSS in the WordPress plugin Call Now PHT Blog (versions n/a through 2.4.1). The vulnerability arises from CSRF enabling stored XSS; affected product is the Call Now PHT Blog plugin for WordPress. The CVE entry indicates the issue affects versions up to 2....

CVSS 7.1 · AI score 7.2 · EPSS 0.00083
Exploits 0 · References 1
Vulnrichment
added 2025/04/24 4:8 p.m. · 4 views

CVE-2025-46492 WordPress Call Now PHT Blog plugin <= 2.4.1 - CSRF to XSS vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Pham Thanh Call Now PHT Blog allows Stored XSS. This issue affects Call Now PHT Blog: from n/a through 2.4.1...

CVSS 7.1 · AI score 6.8 · EPSS 0.00083
Exploits 0 · References 1
Positive Technologies
added 2025/04/24 12:0 a.m. · 1 view

PT-2025-17801 · Unknown · Call Now Pht Blog

Name of the Vulnerable Software and Affected Versions: Call Now PHT Blog versions n/a through 2.4.1 Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on the web application,...

CVSS 7.1 · AI score 7.5 · EPSS 0.00083
Exploits 0 · References 4
CNNVD
added 2025/04/24 12:0 a.m. · 1 view

WordPress plugin Call Now PHT Blog cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in WordPress plugin...

CVSS 7.1 · AI score 7.2 · EPSS 0.00083
Exploits 0 · References 1
Metasploit
added 2023/08/03 7:50 p.m. · 520 views

Intelliants Subrion CMS 4.2.1 - Authenticated File Upload Bypass to RCE

This module exploits an authenticated file upload vulnerability in Subrion CMS versions 4.2.1 and lower. The vulnerability is caused by the .htaccess file not preventing the execution of .pht, .phar, and .xhtml files. Files with these extensions are not included in the .htaccess blacklist, hence...

CVSS 7.2 · AI score 8 · EPSS 0.84263
Exploits 10