CVE-2026-7213

A vulnerability was detected in ef10007 MLOpsMCP 1.0.0. This impacts an unknown function of the file fastmcpserver.py of the component savefile Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now public...

CVE-2026-7213

CVE-2026-7213 affects ef10007 MLOps_MCP 1.0.0, specifically the save_file Tool’s fastmcp_server.py. The issue is a path traversal vulnerability triggered by manipulating the filename/destination argument. It can be exploited remotely; public exploit is available. The project was informed via issu...

CVE-2026-7213 ef10007 MLOps_MCP save_file Tool fastmcp_server.py path traversal

A vulnerability was detected in ef10007 MLOpsMCP 1.0.0. This impacts an unknown function of the file fastmcpserver.py of the component savefile Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now public...

CVE-2026-7213

A vulnerability was detected in ef10007 MLOpsMCP 1.0.0. This impacts an unknown function of the file fastmcpserver.py of the component savefile Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now public...

FastMCP ML Workflow Server 路径遍历漏洞

FastMCP ML Workflow Server is a machine learning workflow server developed by Jinny Han. It supports drug discovery and data science applications. Version 1.0.0 of FastMCP ML Workflow Server has a path traversal vulnerability. This vulnerability stems from the incorrect handling of the parameter...

EUVD-2025-205023

A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /savefile.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly...

CVE-2025-51661

A path Traversal vulnerability found in FileCodeBox v2.2 and earlier allows arbitrary file writes when application is configured to use local filesystem storage. SystemFileStorage.savefile method in core/storage.py uses filenames from user input without validation to construct savepath and save...

CVE-2024-44373

AllSky is affected (versions 2023.05.01 through 2024.12.06_06). A path traversal flaw in /includes/save_file.php, triggered by manipulating the path and content parameters, allows an unauthenticated attacker to write arbitrary files and achieve remote code execution. Root cause: improper sanitiza...

PluckCMS File Upload Vulnerability

PluckCMS is an application that provides an easy-to-use content management system that allows users to create and manage websites with simple operations. It has a user-friendly interface and powerful features to fulfill various needs of users. PluckCMS File Upload Vulnerability. This vulnerabilit...

CVE-2020-20718

File Upload vulnerability in PluckCMS v.4.7.10 dev versions allows a remote attacker to execute arbitrary code via a crafted image file to the the savefile parameter...

Unrestricted file upload

File Upload vulnerability in PluckCMS v.4.7.10 dev versions allows a remote attacker to execute arbitrary code via a crafted image file to the the savefile parameter...

Janissaries Joomla Civicrm Shell Upload

||| /|/ | /\ | //|| /\ / / / / / / /// ----------------------------------------------------------------------------- Janissaries Joomla ComCivicrm Exploitation Tool with MultiThread Coded by Miyachung Stay away from lamers o.O Contact: [email protected] Special Thanks : B127Y Site:...