dify 跨站脚本漏洞

Dify is an open-source LLM application development platform developed by LangGenius. Versions of Dify prior to 1.13.1 had a cross-site scripting vulnerability. This vulnerability stemmed from the POST /api/files/upload method, which allowed unauthenticated users to upload SVG files containing...

PT-2026-35793

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.8 Description A filesystem policy bypass exists in the processing of docx uploads, enabling local file reads outside of workspace boundaries. This allows attackers to access files beyond the intended...

CVE-2026-33436

Stirling-PDF is a locally hosted web application that facilitates various operations on PDF files. In versions prior to 2.0.0, file upload endpoints render user-supplied filenames directly into HTML using unsafe methods like innerHTML without sanitization. An attacker can craft a file with a...

PT-2026-33506

Name of the Vulnerable Software and Affected Versions Stirling-PDF versions prior to 2.0.0 Description File upload endpoints render user-supplied filenames directly into HTML using unsafe methods such as innerHTML without sanitization. This allows an attacker to craft a file with a malicious...

Fireshare 路径遍历漏洞

Fireshare is a media hosting software developed by Shane Israel as an individual project. Versions of Fireshare prior to 1.5.3 contained a path traversal vulnerability. This vulnerability stemmed from the lack of fixes for unauthenticated/api/uploadchunked/public endpoints, allowing attackers to...

Payload has Insufficient Filename Validation in Client-Upload Signed-URL Endpoints

Impact The client-upload signed-URL endpoints for S3, GCS, Azure, and R2 did not properly sanitize filenames. An attacker could craft filenames to escape the intended storage location. Consumers are affected if ALL of these are true: - Payload version v3.78.0 - Using client-upload signed-URL...

CVE-2025-69437

PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass PDF security checks in the backend CmsFileUtils.java. If a user uploads a PDF file containing a malicious payload to the system and views it, the embedded JavaScript payload can...

EUVD-2025-208142

PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass PDF security checks in the backend CmsFileUtils.java. If a user uploads a PDF file containing a malicious payload to the system and views it, the embedded JavaScript payload can...

CVE-2025-69437

PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass PDF security checks in the backend CmsFileUtils.java. If a user uploads a PDF file containing a malicious payload to the system and views it, the embedded JavaScript payload can...

CVE-2025-69437

PublicCMS v5.202506.d and earlier are exposed to a stored XSS flaw in the Pdf handling path. Uploaded PDFs can carry JavaScript payloads that bypass backend checks in CmsFileUtils.java and when viewed by a user can trigger the embedded payload, potentially enabling credential theft and arbitrary ...

CVE-2025-69437

PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass PDF security checks in the backend CmsFileUtils.java. If a user uploads a PDF file containing a malicious payload to the system and views it, the embedded JavaScript payload can...

CVE-2025-69437

PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass PDF security checks in the backend CmsFileUtils.java. If a user uploads a PDF file containing a malicious payload to the system and views it, the embedded JavaScript payload can...

PT-2026-22348

Name of the Vulnerable Software and Affected Versions PublicCMS versions prior to 5.202506.d Description The software contains a stored cross-site scripting XSS issue. Uploaded PDF files can include JavaScript payloads that bypass security checks within the backend CmsFileUtils.java. When a user...

FUXA 安全漏洞

FUXA is a web-based process visualization software developed by frangoteam. Version 1.2.7 of FUXA contains a security vulnerability. This vulnerability stems from the lack of an authentication mechanism for the/api/upload API endpoints. This allows unauthorized remote attackers to upload arbitrar...

PT-2026-6302

Name of the Vulnerable Software and Affected Versions CI4MS versions prior to 0.28.5.0 Description CI4MS is a CodeIgniter 4-based CMS skeleton that provides a production-ready, modular architecture with RBAC authorization and theme support. An authenticated user with file editor permissions can...

📄 Django Summernote 0.8.20.0 Unrestricted File Upload Scanner

This Metasploit Auxiliary Scanner module detects unrestricted file upload vulnerabilities in django-summernote. It targets misconfigurations where image validation depends on the Pillow library and allows non-image files to be uploaded when Pillow is missing. The module safely scans common upload...

📄 ClipBucket 5.5.2 Build 90 Practical Exploitation Tool

An enhanced Python penetration testing tool designed specifically for ClipBucket video sharing platform vulnerability assessment and exploitation. It checks for remote command execution, file upload, SQL injection, local file inclusion, and more. It affects ClipBucket version 5.5.2 Build 90...

📄 eGovFramework 4.3.1 Arbitrary File Upload

eGovFramework version 4.3.1 proof of concept exploit that demonstrates an arbitrary file upload vulnerability. ============================================================================================================================================= | Title : eGovFramework 4.3.1 Unauthenticate...

CVE-2025-34336

eGovFramework/egovframe-common-components versions up to and including 4.3.1 contain an unauthenticated file upload vulnerability via the /utl/wed/insertImage.do and /utl/wed/insertImageCk.do image upload endpoints. These controllers accept multipart requests without authentication, pass the...

CVE-2025-34336 eGovFramework <= 4.3.1 Unauthenticated File Upload via Web Editor Image Upload Endpoints

eGovFramework/egovframe-common-components versions up to and including 4.3.1 contain an unauthenticated file upload vulnerability via the /utl/wed/insertImage.do and /utl/wed/insertImageCk.do image upload endpoints. These controllers accept multipart requests without authentication, pass the...