CVE-2025-11630

A vulnerability was found in RainyGao DocSys up to 2.02.36. Affected is the function updateRealDoc of the file /Doc/uploadDoc.do of the component File Upload. Performing manipulation of the argument path results in path traversal. The attack can be initiated remotely. The exploit has been made...

OpenEMR Cross-Site Scripting Vulnerability (CNVD-2022-61334)

OpenEMR is an open source medical management system from the OpenEMR community. A cross-site scripting vulnerability exists in versions of OpenEMR prior to 6.1.0.1, which stems from a lack of data validation filters for user-supplied data and output data in the file name on the "Upload Document...

OpenEMR 跨站脚本漏洞

OpenEMR is an open source medical management system from the OpenEMR community. A cross-site scripting vulnerability exists in versions of OpenEMR prior to 6.1.0.1, which stems from a lack of data validation filters for user-supplied data and output data in the file name on the "Upload Document...

Cross-Site Request Forgery (CSRF) in aces/loris

✍️ Description Attacker able to upload any document with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attack...

NCH Quorum 跨站脚本漏洞

NCH Quorum is software that runs as a teleconferencing server on a Windows PC. A cross-site scripting vulnerability exists in NCH Quorum 2.03 and earlier versions. An attacker can exploit this vulnerability to conduct a cross-site scripting attack via /uploaddoc?id=...

EasyJobPortal Shell Upload

Exploit : EasyJobPortal upload shell Date : 13-11-2010 Author : MeGo Version : n/a DorK : inurl:jobseekerregister.php Home : WwW.P0C.cC/vb Email : [email protected] , [email protected] Vendor : http://www.easyjobportal.com + Exploit 1 Register Frist .. - http://localhost/path/jobseekerregister.php 2...