CVE-2021-37334

Umbraco Forms version 4.0.0 up to and including 8.7.5 and below are vulnerable to a security flaw that could lead to a remote code execution attack and/or arbitrary file deletion. A vulnerability occurs because validation of the file extension is performed after the file has been stored in a...

in flatcore/flatcore-cms

Title： race condition vs Temporary File Upload Description flatCore-CMS is vulnerable to Race condition while dealing uploading gallery Codes at https://github.com/flatCore/flatCore-CMS/blob/main/acp/core/files.uploadgallery.phpL31 php ifarraykeyexists'file',$FILES && $FILES'file''error' == 0...

IBM WebSphere Portal Denial of Service Vulnerability (CNVD-2016-07638)

IBM WebSphere Portal is a suite of enterprise portal software from IBM. The software creates a platform that connects the internal and external parts of an organization, allowing employees, customers and suppliers to access internal data through the platform. A denial of service vulnerability...

GLSA-200409-05 : Gallery: Arbitrary command execution

The remote host is affected by the vulnerability described in GLSA-200409-05 Gallery: Arbitrary command execution The upload handling code in Gallery places uploaded files in a temporary directory. After 30 seconds, these files are deleted if they are not valid images. However, since the file...