22 matches found
EUVD-2020-28189
Malware in sbrugna...
EUVD-2023-28326
Malicious code in bioql PyPI...
EUVD-2024-35344
Malicious code in bioql PyPI...
EUVD-2025-10961
Malicious code in bioql PyPI...
CVE-2025-8323
The e-School from Ventem has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2025-29093
File Upload vulnerability in Motivian Content Management System v.41.0.0 allows a remote attacker to execute arbitrary code via the Content/Gallery/Images component...
CVE-2024-28424
zenml v0.55.4 was discovered to contain an arbitrary file upload vulnerability in the load function at /materializers/cloudpicklematerializer.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2024-53345
An authenticated arbitrary file upload vulnerability in Car Rental Management System v1.0 to v1.3 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2023-37692
An arbitrary file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code via a crafted file...
CVE-2022-43146
An arbitrary file upload vulnerability in the image upload function of Canteen Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-29725
An arbitrary file upload in the image upload component of wityCMS v0.6.2 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-29353
An arbitrary file upload vulnerability in the file upload module of Graphql-upload v13.0.0 allows attackers to execute arbitrary code via a crafted filename...
CVE-2025-29281
CVE-2025-29281 affects PerfreeBlog 4.0.11, where an arbitrary file upload vulnerability in the attach component lets regular users upload files and execute code within them. The CVSS v3.1 vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H with a base score of 8.8 (HIGH). Exploitation is descr...
CVE-2024-57728
SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file i.e. zip slip. This can be exploited to execute arbitrary code on the host in the context of the SimpleHelp server user...
CVE-2022-45185
An issue was discovered in SuiteCRM 7.12.7. Authenticated users can use CRM functions to upload malicious files. Then, deserialization can be used to achieve code execution...
PT-2024-22427 · Zenml · Zenml
Name of the Vulnerable Software and Affected Versions: zenml version 0.55.4
Description: The issue allows attackers to execute arbitrary code via uploading a crafted file, exploiting an arbitrary file upload vulnerability in the load function at /materializers/cloudpickle materializer.py...
CVE-2019-18417
Sourcecodester Restaurant Management System 1.0 allows an authenticated attacker to upload arbitrary files that can result in code execution. The issue occurs because the application fails to adequately sanitize user-supplied input, e.g., "add a new food" allows .php files...
CVE-2019-7274
Optergy Proton/Enterprise devices allow Authenticated File Upload with Code Execution as root...
jQuery-File-Upload 9.22.0 - Arbitrary File Upload
Title: jQuery-File-Upload 9.22.0 - Arbitrary File Upload
Author: Larry W. Cashdollar, @larry0
Date: 2018-10-09
Vendor: https://github.com/blueimp
Download Site: https://github.com/blueimp/jQuery-File-Upload/releases
CVE-ID: N/A
Vulnerability: The...
Denial of Service Vulnerability in Multiple F5 Products (CNVD-2015-07477)
F5 BIG-IP Analytics and others are products of F5 Corporation, USA. F5 BIG-IP Analytics is a suite of web application performance analytics software. APM is a solution that provides secure and unified access to business-critical applications and networks. LTM is a local traffic manager. datastor...