299 matches found

RedhatCVE
added 2025/02/05 9:57 a.m. · 9 views

CVE-2024-3584

qdrant/qdrant version 1.9.0-dev is vulnerable to path traversal due to improper input validation in the /collections/name/snapshots/upload endpoint. By manipulating the name parameter through URL encoding, an attacker can upload a file to an arbitrary location on the system, such as /root/poc.txt...

CVSS 9.8 · AI score 6.6 · EPSS 0.00578
Exploits 1 · References 4
RedhatCVE
added 2025/02/05 3:38 a.m. · 5 views

CVE-2024-45398

Contao is an Open Source CMS. In affected versions a back end user with access to the file manager can upload malicious files and execute them on the server. Users are advised to update to Contao 4.13.49, 5.3.15 or 5.4.3. Users unable to update are advised to configure their web server so it does...

CVSS 8.8 · AI score 7.1 · EPSS 0.00517
Exploits 0 · References 1
RedhatCVE
added 2025/02/04 10:30 p.m. · 6 views

CVE-2024-8507

The File Manager Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.3.9. This is due to missing or incorrect nonce validation on the 'mkfilefoldermanager' ajax action. This makes it possible for unauthenticated attackers to upload arbitrar...

CVSS 8.8 · AI score 6.7 · EPSS 0.00229
Exploits 0 · References 1
The Hacker News
added 2025/01/30 7:21 a.m. · 29 views

Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits

Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances. "When an authenticated Voyager user clicks on a malicious link, attackers can execute arbitrary code on the...

AI score 6.6 · EPSS 0.23851
Exploits 3
Packet Storm
added 2025/01/15 12:00 a.m. · 253 views

OCLS MSMS-PHP 1.0 Shell Upload

OCLS MSMS-PHP version 1.0 suffers from a remote shell upload vulnerability. Title: OCLS MSMS-PHP by oretnom23 v1.0 - Copyright © 2025. All rights reserved. File Upload (FU) and Remote Code Execution (RCE) Vulnerabilities. Author: nu11secur1ty. Date: 01/15/2025. Vendor: https://github.com/oretnom23...

AI score 7.5
Exploits 0
Cvelist
added 2025/01/14 12:00 a.m. · 15 views

CVE-2024-48760

An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitrary code via the file upload function. The attacker can upload a malicious perlcmd.cgi file that overwrites the original upload.cgi file, enabling remote command execution...

EPSS 0.19497
Exploits 5 · References 3
CVE
added 2025/01/09 7:56 a.m. · 45 views

CVE-2024-43657

Summary of CVE-2024-43657 (Iocharger firmware): Affects AC model Iocharger firmware before 24120701. The issue is an improper neutralization of special elements in a firmware file, enabling OS command injection as root via the processing of a firmware upload. Attack requires a low-privileged acc...

CVSS 9.3 · AI score 7.6 · EPSS 0.01437
Exploits 0 · References 3
CVE
added 2025/01/07 12:00 a.m. · 62 views

CVE-2022-45185

CVE-2022-45185 affects SuiteCRM 7.12.7. Authenticated users can upload malicious files through CRM functions, and deserialization can be used to achieve code execution. The Red Hat and OSV entries confirm the same description. The documented impact is high (CVSS 3.1 base sco...

CVSS 8.8 · AI score 7.1 · EPSS 0.01117
Exploits 1 · References 3 · Affected Software 1
NVD
added 2024/12/28 1:15 p.m. · 8 views

CVE-2024-12994

A vulnerability was found in running-elephant Datart 1.0.0-rc3. It has been rated as critical. Affected by this issue is the function extractModel of the file /import of the component File Upload. The manipulation of the argument file leads to deserialization. The attack may be launched remotely...

CVSS 6.5 · EPSS 0.00522
Exploits 0 · References 4
NVD
added 2024/12/26 3:15 p.m. · 8 views

CVE-2024-12956

A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. This issue affects some unknown processing of the file /addachievementdetails.php. The manipulation of the argument achcerty leads to unrestricted upload. The attack may be initiated remotel...

CVSS 9.8 · EPSS 0.00507
Exploits 1 · References 5
GithubExploit
added 2024/12/19 2:43 a.m. · 491 views

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat

CVE-2024-50379 Exploitation and POC. This repository contains...

CVSS 9.8 · AI score 9.5 · EPSS 0.4176
Exploits 12
CNVD
added 2024/12/19 12:00 a.m. · 9 views

Apache Tomcat Remote Code Execution Vulnerability

Apache Tomcat is a lightweight web application server from the Apache Software Foundation of the United States. It implements support for Servlets and JavaServer Pages (JSP). A remote code execution vulnerability exists in Apache Tomcat due to a configuration in web.xml that turns on readonly to...

CVSS 9.8 · AI score 9.8 · EPSS 0.4176
Exploits 12 · References 1
GithubExploit
added 2024/12/18 7:53 p.m. · 774 views

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat

CVE-2024-50379 Exploitation and POC. This repository contains...

CVSS 9.8 · AI score 9.5 · EPSS 0.4176
Exploits 12
Positive Technologies
added 2024/12/09 12:00 a.m. · 8 views

PT-2024-9810

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 9.0.0-M1 through 11.0.1. Description: The issue is a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that can be exploited to bypass case sensitivity checks and execute arbitrary code. This can be done by...

CVSS 9.8 · AI score 8.2 · EPSS 0.08709
Exploits 1 · References 174
CNVD
added 2024/12/06 12:00 a.m. · 9 views

IBM Cognos Controller File Upload Vulnerability (CNVD-2024-49171)

IBM Cognos Controller is a suite of business intelligence and planning solutions from International Business Machines (IBM). The product features process automation, financial audit control, and the creation and management of financial reports. A file upload vulnerability exists in IBM Cognos...

CVSS 9.8 · AI score 7.3 · EPSS 0.00356
Exploits 0 · References 1
OSV
added 2024/12/02 7:15 p.m. · 6 views

CVE-2024-53617

A Cross-Site Scripting vulnerability in LibrePhotos before commit 32237 allows attackers to take over any account by uploading an HTML file on behalf of the admin user, using an IDOR in the file upload...

CVSS 4.8 · AI score 6.3 · EPSS 0.00522
Exploits 0 · References 3
OSV
added 2024/11/25 6:15 p.m. · 9 views

CVE-2024-52787

An issue in the uploaddocuments method of libre-chat v0.0.6 allows attackers to execute a path traversal via supplying a crafted filename in an uploaded file...

CVSS 9.1 · AI score 6.9
Exploits 0 · References 4
EUVD
added 2024/07/04 8:32 a.m. · 2 views

EUVD-2024-47434

The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'uploadimgfile' function in all versions up to, and including, 2.3.10. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload...

CVSS 8.8 · AI score 7.2 · EPSS 0.00939
Exploits 0 · References 3
CVE
added 2024/06/21 2:28 p.m. · 94 views

CVE-2023-45197

The CVE-2023-45197 entry concerns Adminer and AdminerEvo where the file-upload plugin allows uploading a file with a table name of “..” to the Adminer directory root, enabling an attacker to guess the filename and execute it. Affected software: Adminer and AdminerEvo (Adminer is no longer support...

CVSS 9.8 · AI score 9.5 · EPSS 0.00663
Exploits 0 · References 2 · Affected Software 1
Positive Technologies
added 2024/06/03 12:00 a.m. · 3 views

PT-2024-4420 · Zyxel · Zyxel Nas542 +1

Name of the Vulnerable Software and Affected Versions: Zyxel NAS326 versions prior to V5.21AAZF.17C0; Zyxel NAS542 versions prior to V5.21ABAG.14C0. Description: A remote code execution vulnerability exists in the file upload-cgi program. An unauthenticated attacker can execute arbitrary code by...

CVSS 10 · AI score 7.9 · EPSS 0.22784
Exploits 1 · References 22