CVE-2026-6227

The BackWPup plugin for WordPress is vulnerable to Local File Inclusion via the blockname parameter of the /wp-json/backwpup/v1/getblock REST endpoint in all versions up to, and including, 5.6.6 due to a non-recursive strreplace sanitization of path traversal sequences. This makes it possible for...

PT-2026-31600

Name of the Vulnerable Software and Affected Versions Hydrosystem Control System versions prior to 9.8.5 Description The Hydrosystem Control System does not properly enforce authorization for certain directories. This allows an unauthorized attacker to read all files within these directories and...

CVE-2019-25471

FileThingie 2.5.7 contains an arbitrary file upload vulnerability that allows attackers to upload malicious files by sending ZIP archives through the ft2.php endpoint. Attackers can upload ZIP files containing PHP shells, use the unzip functionality to extract them into accessible directories, an...

CVE-2019-25630 PhreeBooks ERP 5.2.3 Arbitrary File Upload via Image Manager

PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...

PT-2026-27381

PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...

PT-2026-26087

The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.3 via the 'template' parameter in gallery shortcodes. This makes it possible for authenticated attackers, with Author-level access...

CVE-2020-37084

School ERP Pro 1.0 contains a remote code execution vulnerability that allows authenticated admin users to upload arbitrary PHP files as profile photos by bypassing file extension checks. Attackers can exploit improper file validation in pre-editstudent.inc.php to execute arbitrary code on the...

CVE-2020-37090

School ERP Pro 1.0 contains a file upload vulnerability that allows students to upload arbitrary PHP files to the messaging system. Attackers can upload malicious PHP scripts through the message attachment feature, enabling remote code execution on the server...

CVE-2020-37090

CVE-2020-37090 affects School ERP Pro 1.0. The vulnerability resides in the message-attachment file upload, which can be exploited to upload arbitrary PHP files, enabling remote code execution on the server. Root cause evidenced in the connected PT-2026-5840 entry: inadequate validation/verificat...

CVE-2020-37090

School ERP Pro 1.0 contains a file upload vulnerability that allows students to upload arbitrary PHP files to the messaging system. Attackers can upload malicious PHP scripts through the message attachment feature, enabling remote code execution on the server...

PT-2026-5824

Victor CMS 1.0 contains an authenticated file upload vulnerability that allows administrators to upload PHP files with arbitrary content through the user image parameter. Attackers can upload a malicious PHP shell to the /img/ directory and execute system commands by accessing the uploaded file...

CVE-2020-37023

Koken CMS 0.22.24 contains a file upload vulnerability that allows authenticated attackers to bypass file extension restrictions by renaming malicious PHP files. Attackers can upload PHP files with system command execution capabilities by manipulating the file upload request through a web proxy a...

CVE-2020-36942

Victor CMS 1.0 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the profile image upload feature. Attackers can upload a PHP shell to the /img directory and execute system commands by accessing the uploaded file via web browser...

CVE-2025-13407

The Gravity Forms WordPress plugin before 2.9.23.1 does not properly prevent users from uploading dangerous files through its chunked upload functionality, allowing attackers to upload PHP files to affected sites and achieve Remote Code Execution, granted they can discover or enumerate the upload...

CVE-2023-53971 WebTareas 2.4 Authenticated Remote Code Execution via File Upload

WebTareas 2.4 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the chat photo upload functionality. Attackers can upload a PHP file with arbitrary code to the /files/Messages/ directory and execute it directly through the generated file pa...

CVE-2023-53956

Flatnux 2021-03.25 is affected by an authenticated file upload vulnerability in the file manager that allows an admin with credentials to upload arbitrary PHP files to the web root, enabling remote code execution on the server. Public reference shows an exploit exists (exploits/51295). Root cause...

CVE-2023-53956 Flatnux 2021-03.25 Authenticated File Upload Remote Code Execution

Flatnux 2021-03.25 contains an authenticated file upload vulnerability that allows administrative users to upload arbitrary PHP files through the file manager. Attackers with admin credentials can upload malicious PHP scripts to the web root directory, enabling remote code execution on the server...

CVE-2023-53956 Flatnux 2021-03.25 Authenticated File Upload Remote Code Execution

Flatnux 2021-03.25 contains an authenticated file upload vulnerability that allows administrative users to upload arbitrary PHP files through the file manager. Attackers with admin credentials can upload malicious PHP scripts to the web root directory, enabling remote code execution on the server...

PT-2025-52526

Name of the Vulnerable Software and Affected Versions Flatnux version 2021-03.25 Description The software contains an authenticated file upload issue that permits administrative users to upload arbitrary PHP files via the file manager. An attacker with administrative access can upload malicious P...

CVE-2023-53924

Summary of CVE-2023-53924 (UliCMS 2023.1-sniffing-vicuna): authenticated users can upload PHP files with a .phar extension via profile avatar uploads, enabling remote code execution when the uploaded file is accessed. Affects UliCMS 2023.1-sniffing-vicuna; impact includes potential full system co...