21 matches found
CVE-2026-7638
The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 5.6.0. This is due to missing authorization validation in the uploadavatar function, which accepts an attacker-controlled...
CVE-2026-7638 App Builder <= 5.5.10 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Avatar Modification via 'user_id' Parameter
The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 5.6.0. This is due to missing authorization validation in the uploadavatar function, which accepts an attacker-controlled...
EUVD-2026-26732
The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 5.6.0. This is due to missing authorization validation in the uploadavatar function, which accepts an attacker-controlled...
CVE-2026-7638
CVE-2026-7638 details: The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 5.6.0. The root cause is missing authorization validation in the upload_avatar() function, which...
PT-2026-36563
Name of the Vulnerable Software and Affected Versions: App Builder – Create Native Android & iOS Apps On The Flight versions prior to 5.6.1. Description: An Insecure Direct Object Reference (IDOR) exists due to missing authorization validation in the upload avatar function. The...
WordPress plugin App Builder – Create Native Android & iOS Apps On The Flight security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to th...
EUVD-2023-24129
Malicious code in bioql PyPI...
EUVD-2022-28828
Malicious code in bioql PyPI...
PT-2025-12241 · Unknown · Parisneo/Lollms-Webui
Name of the Vulnerable Software and Affected Versions: parisneo/lollms-webui version V12 Strawberry Description: A Denial of Service DoS issue exists due to the application's handling of multipart boundaries in file upload endpoints. Despite CSRF protection, the server processes these boundaries,...
CVE-2022-23906
CMS Made Simple v2.2.15 was discovered to contain a Remote Command Execution (RCE) vulnerability via the upload avatar function. This vulnerability is exploited via a crafted image file...
Cross-site Scripting (XSS) - Stored in crater-invoice/crater
Description: There is a vulnerability in the upload avatar functionality of Crater Invoice which would allow an attacker to upload malicious .SVG files in order to execute JavaScript. All that is required is that the victim browse to the link location of the .SVG file. Proof of Concept: xss.svg:...
in crater-invoice/crater
Description: In recent Crater version ed6268aa (tag: 5.0.3) the lowest privileged user can upload a PHP file instead of an avatar. Proof of Concept: POST /api/v1/me/upload-avatar HTTP/1.1 Host: 172.17.0.1:8888 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:95.0) Gecko/20100101 Firefox/95.0 Accept: */*...
CVE-2021-44093
A Remote Command Execution vulnerability in the admin backend of zrlog 2.2.2, in the upload avatar function, allows bypassing the original file-type restriction and uploading a JSP file to obtain a WebShell...
Design/Logic Flaw
A Remote Command Execution vulnerability in the admin backend of zrlog 2.2.2, in the upload avatar function, allows bypassing the original file-type restriction and uploading a JSP file to obtain a WebShell...
CVE-2021-44093
CVE-2021-44093 affects zrlog 2.2.2. A Remote Command Execution vulnerability exists in the avatar upload function, allowing bypass of the original file-type restriction and upload of a JSP file to obtain a WebShell. Multiple sources (NVD, CNVD, CNNVD, Red Hat, the CVE listing) corroborate the issue and it...
ImperialBB 2.3.5 - Arbitrary File Upload
ImperialBB 2.3.5 - Arbitrary File Upload ... Title : ImperialBB :\r\n\n"; $code = trim(fgets(STDIN)); $socket = @fsockopen($argv[1], 80, $eno, $estr, 30...
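Two defects recur across these results: an avatar handler that trusts a client-supplied user identifier (the App Builder IDOR, CVE-2026-7638 / EUVD-2026-26732 / PT-2026-36563) and an avatar handler that stores whatever file it is given under the client's chosen name (the Crater PHP upload, zrlog CVE-2021-44093, the CMS Made Simple and ImperialBB entries, and the Crater SVG XSS). The following is an added illustration written for this page, not code from any of those projects: a vulnerable WordPress-style avatar handler beside a hardened one. The function names, the `my_avatar_url` meta key and the `user_id`, `avatar` and `nonce` request fields are assumptions made for the example; the `wp_*`, `check_ajax_referer`, `current_user_can` and `get_current_user_id` calls are real WordPress core APIs.

```php
<?php
// Added example, not the App Builder plugin's or Crater's own code. Both handlers
// are registered on a wp_ajax_ hook, so WordPress only runs them for logged-in
// users (a Subscriber qualifies, which is the "Subscriber+" in the advisory title).

// 1. Vulnerable pattern: caller picks the victim (IDOR) and the file name.
function my_avatar_upload_vulnerable() {
    $user_id = (int) $_POST['user_id'];                       // attacker-controlled target
    $name    = basename( $_FILES['avatar']['name'] );         // attacker-controlled name, e.g. shell.php
    $dir     = wp_upload_dir();
    move_uploaded_file( $_FILES['avatar']['tmp_name'], $dir['basedir'] . '/avatars/' . $name );
    update_user_meta( $user_id, 'my_avatar_url', $dir['baseurl'] . '/avatars/' . $name );
    wp_send_json_success();
}

// 2. Hardened pattern.
function my_avatar_upload_hardened() {
    // CSRF: the request must carry a nonce minted for this action (assumed action name).
    check_ajax_referer( 'my_avatar_upload', 'nonce' );

    // Authorization: the target is the caller unless the caller may edit that user.
    $user_id = isset( $_POST['user_id'] ) ? (int) $_POST['user_id'] : get_current_user_id();
    if ( $user_id !== get_current_user_id() && ! current_user_can( 'edit_user', $user_id ) ) {
        wp_send_json_error( 'forbidden', 403 );               // wp_send_json_error() exits
    }

    // Content validation: decide from the bytes, never from the client's Content-Type.
    // getimagesize() returns false for PHP/JSP/SVG text, so those never reach the allowlist.
    $allowed = array(
        'image/png'  => array( 'png' ),
        'image/jpeg' => array( 'jpg', 'jpeg' ),
        'image/gif'  => array( 'gif' ),
    );
    if ( empty( $_FILES['avatar']['tmp_name'] ) || ! is_uploaded_file( $_FILES['avatar']['tmp_name'] ) ) {
        wp_send_json_error( 'no file', 400 );
    }
    $info = getimagesize( $_FILES['avatar']['tmp_name'] );
    if ( false === $info || ! isset( $allowed[ $info['mime'] ] ) ) {
        wp_send_json_error( 'not a raster image', 415 );
    }
    $ext = strtolower( pathinfo( $_FILES['avatar']['name'], PATHINFO_EXTENSION ) );
    if ( ! in_array( $ext, $allowed[ $info['mime'] ], true ) ) {
        wp_send_json_error( 'extension does not match content', 415 );
    }

    // Storage: WordPress re-checks the type against this allowlist, and the server
    // chooses the final name, so "shell.php" can never be stored as shell.php.
    $upload = wp_handle_upload( $_FILES['avatar'], array(
        'test_form'                => false,
        'mimes'                    => array( 'png' => 'image/png', 'jpg|jpeg' => 'image/jpeg', 'gif' => 'image/gif' ),
        'unique_filename_callback' => function ( $dir, $name, $ext ) use ( $user_id ) {
            return 'avatar-' . $user_id . '-' . wp_generate_password( 12, false ) . $ext; // $ext includes the dot
        },
    ) );
    if ( isset( $upload['error'] ) ) {
        wp_send_json_error( $upload['error'], 400 );
    }
    update_user_meta( $user_id, 'my_avatar_url', esc_url_raw( $upload['url'] ) );
    wp_send_json_success( array( 'url' => $upload['url'] ) );
}

add_action( 'wp_ajax_my_avatar_upload', 'my_avatar_upload_hardened' );
```

Two caveats a reviewer would raise. First, the authorization fix is the `edit_user` check, not the nonce: a nonce only proves the request came from the site's own page, and a Subscriber with a valid nonce can still name any `user_id`, which is exactly the App Builder finding. Second, a header check like `getimagesize()` passes polyglots (a file that starts with a valid GIF header and carries PHP after it, as in the "crafted image file" CMS Made Simple entry), so the controls that actually stop code execution are the server-chosen name with an allowlisted extension and an uploads directory the web server does not execute scripts from.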