4 matches found
CVE-2026-45314
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the channel webhook create/update flow accepts arbitrary profileimageurl values, including data:image/svg+xml;base64,... payloads. The profile image endpoint then decodes and serves...
CVE-2025-3855
A vulnerability was found in CodeCanyon RISE Ultimate Project Manager 3.8.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php/teammembers/saveprofileimage/ of the component Profile Picture Handler. The manipulation of the argument...
CVE-2025-3855
A vulnerability was found in CodeCanyon RISE Ultimate Project Manager 3.8.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php/teammembers/saveprofileimage/ of the component Profile Picture Handler. The manipulation of the argument...
Mojoomla Annual Maintenance Contract Management System Arbitrary File Upload Vulnerability
Mojoomla Annual Maintenance Contract AMC Management System is a contract document management system. An arbitrary file upload vulnerability exists in profilesetting image handling in the Mojoomla AMC Management System. A remote attacker can exploit this vulnerability to upload arbitrary files...