CVE-2026-1445
A vulnerability was found in iJason-Liu BooksManager up to 298ba736387ca37810466349af13a0fdf828e99c. This vulnerability affects unknown code of the file controllers/bookscenter/uploadbookCover.php. Performing a manipulation of the argument bookcover results in unrestricted upload. The attack may ...
EUVD-2006-1729
Malware in sbrugna...
EUVD-2006-2779
Malware in sbrugna...
CVE-2025-8203 Jingmen Zeyou Large File Upload Control index.jsp sql injection
A vulnerability classified as critical has been found in Jingmen Zeyou Large File Upload Control up to 6.3. Affected is an unknown function of the file /index.jsp. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
PT-2025-30979 · Unknown · Jingmen Zeyou Large File Upload Control
Name of the Vulnerable Software and Affected Versions: Jingmen Zeyou Large File Upload Control versions up to 6.3 Description: A critical issue exists in Jingmen Zeyou Large File Upload Control. The manipulation of the ID parameter in the /index.jsp file leads to SQL injection. This allows for...
PT-2024-28292 · Phpok · Phpok
Name of the Vulnerable Software and Affected Versions: phpok version 6.4.003 Description: The issue is related to a Cross Site Scripting XSS vulnerability. It affects the ok f method located in the framework/api/upload control.php file. Recommendations: For phpok version 6.4.003, consider disabli...
Security Advisory - Improper File Upload Control Vulnerability in Huawei FusionCompute Product
There is an improper file upload control vulnerability in Huawei FusionCompute product. Due to improper verification of the file to be uploaded and a failure to strictly restrict the file access path, attackers may upload malicious files to the device, causing the service to become abnormal. Vulnerability...
Qulture.Rocks: Unrestricted File Upload in Chat Window
Summary: The application allows the attacker to upload dangerous file types that can be automatically processed within the product's environment. Steps To Reproduce: 1. Hit the browser with below URL. https://qa.qulture.rocks/en/users/signin 2. Open the Chat window. 3. Upload any exe file. 4. Cli...
Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities
No description provided by source. Original: http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt =============================== - Advisory - =============================== Title: Imperva SecureSphere Operations Manager - Command Execution Post Authentication & Minor issu...
SeedDMS XSS / Traversal / Shell Upload Vulnerabilities
SeedDMS versions prior to 4.3.4 suffer from cross site scripting, remote shell upload, and path traversal vulnerabilities. Product description: ============ SeedDMS is the continuation of LetoDMS because it has lost its main developer. SeedDMS is an easy to use but powerful Open Source Document...
WanHu ezoffice upload arbitrary file vulnerability-vulnerability warning-the black bar safety net
Brief description: The image upload control used when publishing announcements in the Thousand oa system is not strict, so any file can be uploaded! Detailed description: Open the upload pictures page in the announcement and view the URL as follows:...
AdaptBB 1.0 Beta SQL Injection / Code Execution / File Upload
Salvatore "drosophila" Fresta + Application: AdaptBB + Version: 1.0 Beta + Website: http://sourceforge.net/projects/adaptbb/ + Bugs: A Multiple Blind SQL Injection B Multiple Dynamic Code Execution C Arbitrary File Upload + Exploitation: Remote + Date: 09 Apr 2009 + Discovered by: Salvatore...
Traidnt up 2.0 - cookie Add Extension Bypass
Traidnt up 2.0 - cookie Add Extension Bypass Add Extension : milw0rm.com 2009-03-11...
Debian DSA-1506-1 : iceape - several vulnerabilities
Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the SeaMonkey Internet Suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0412 Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren a...
DSA-1506-1 iceape - several vulnerabilities
Bulletin has no description...
ImageStation (SonyISUpload.cab 1.0.0.38) ActiveX Buffer Overflow PoC
No description provided by source. Buffer Overflow Vulnerability in AxRUploadServer.dll, Activex Method SetLogging. Dll name: AxRUploadServer.dll Download: http://www.imagestation.com/common/classes/SonyISUpload.cab?v=1,0,0,38 Description: This file belongs to...
IBM Domino Web Access Upload Control ActiveX buffer overflow
Buffer overflow in InstallBrowserHelperDll with GeneralServerName property...
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : firefox vulnerabilities (USN-535-1)
Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. CVE-2007-5336, CVE-2007-5339, CVE-2007-5340 Michal Zalewski discovered that the onUnload event handlers we...
[SECURITY] [DSA 1396-1] New iceweasel packages fix several vulnerabilities
Debian Security Advisory DSA 1396-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 27th, 2007 http://www.debian.org/security/faq -...
Debian DSA-1392-1 : xulrunner - several vulnerabilities
Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1095 Michal Zalewski discovered that the unload event handler had access to the address of...