EUVD-2022-29522

Malicious code in bioql PyPI...

CVE-2025-8433

A vulnerability was found in code-projects Document Management System 1.0 and classified as critical. This issue affects the function unlink of the file /dell.php. The manipulation of the argument ID leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to...

CVE-2025-8433 code-projects Document Management System dell.php unlink path traversal

A vulnerability was found in code-projects Document Management System 1.0 and classified as critical. This issue affects the function unlink of the file /dell.php. The manipulation of the argument ID leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to...

CVE-2021-37144

CSZ CMS 1.2.9 is vulnerable to Arbitrary File Deletion. This occurs in PHP when the unlink function is called and user input might affect portions of or the whole affected parameter, which represents the path of the file to remove, without sufficient sanitization...

PT-2025-21866 · Sourcecodester · Sourcecodester Student Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Student Result Management System version 1.0 Description: A critical issue has been identified, affecting the unlink function of the update system.php file in the Logo File Handler component. The manipulation of the old logo...

WordPress plugin WPLMS Learning Management System 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

Remote Code Execution Vulnerability Through Unrestrict File Write

Description In the import setting function, in the file Froxlor\lib\Froxlor\SImExporter.php php fileputcontents$imgfilename, $imgdata; if functionexists'finfoopen' $finfo = finfoopenFILEINFOMIMETYPE; $mimetype = finfofile$finfo, $imgfilename; finfoclose$finfo; else $mimetype =...

GHSA-GJQ4-69WJ-P6PR Path traversal in pimcore

The application doesn't perform a check/filter against the value of "importFile" parameter at endpoint "/admin/translation/import". After the API is executed, PHP unlink function will proceed to delete the file...

Path traversal in pimcore

The application doesn't perform a check/filter against the value of "importFile" parameter at endpoint "/admin/translation/import". After the API is executed, PHP unlink function will proceed to delete the file...

CVE-2022-24647

Cuppa CMS v1.0 was discovered to contain an arbitrary file deletion vulnerability via the unlink function...

CVE-2022-24647

Cuppa CMS v1.0 was discovered to contain an arbitrary file deletion vulnerability via the unlink function...

CuppaCMS 路径遍历漏洞

CuppaCMS is a content management system CMS. a security vulnerability exists in CuppaCMS v1.0, which stems from the fact that Cuppa CMS v1.0 was found to contain an arbitrary file deletion vulnerability via the unlink function. No details of the vulnerability are currently available...

in pheditor/pheditor

Description This issue allows an attacker to influence calls to the 'unlink' function and delete arbitrary files. https://github.com/pheditor/pheditor is vulnerable to DoS via Arbitrary file deletion. Proof of concept Vuln variable: $POST'path' Snippet: case 'delete': if isset$POST'path' &&...

CSZ CMS has an unspecified vulnerability

CSZ CMS is a PHP-based open source content management system CMS. version 1.2.9 of CSZ CMS contains a security vulnerability that stems from the vulnerability of CSZ CMS to arbitrary file deletion. This can occur in PHP when the unlink function is called with user input that may affect part or th...

CSZ CMS 1.2.9 - 'Multiple' Arbitrary File Deletion

Exploit Title: CSZ CMS 1.2.9 - 'Multiple' Arbitrary File Deletion Date: 2021-07-20 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.cszcms.com Software Link: https://sourceforge.net/projects/cszcms/files/latest/download Version: 1.2.9 Tested on: Windows 10,...

webTareas 2.0.p8 - Arbitrary File Deletion Vulnerability

Exploit for php platform in category web applications Exploit Title: webTareas 2.0.p8 - Arbitrary File Deletion Author: Besim ALTINOK Vendor Homepage: https://sourceforge.net/projects/webtareas/files/ Software Link: https://sourceforge.net/projects/webtareas/files/ Version: v2.0.p8 Tested on: Xam...

phpBB < 2.0.12 Path Disclosure / Unauthorized unlink() Function Access

Binary data 2641.prm...