6 matches found
EUVD-2015-9370
Malware in sbrugna...
CVE-2025-7895 harry0703 MoneyPrinterTurbo File Extension video.py upload_bgm_file unrestricted upload
A vulnerability, which was classified as critical, was found in harry0703 MoneyPrinterTurbo up to 1.2.6. Affected is the function uploadbgmfile of the file app/controllers/v1/video.py of the component File Extension Handler. The manipulation of the argument File leads to unrestricted upload. It i...
CVE-2015-9530
The Easy Digital Downloads EDD Upload File extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because addqueryarg is misused...
CVE-2025-32035
DNN (DotNetNuke) prior to version 9.13.2 does not verify file contents during uploads; it only checks file extensions, allowing a malicious file renamed to a benign extension (e.g., executable renamed to .jpg) to be uploaded. The issue is addressed in version 9.13.2. The practical implication is ...
GUnet OpenEclass 1.7.3 E-learning platform - (month) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection Google Dork: intext:"© GUnet 2003-2007" Exploit Author: emaragkos Vendor Homepage: https://www.openeclass.org/ Software Link:...
WordPress Easy Digital Downloads Upload File extension cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.Easy Digital Downloads EDD Upload File extension is a file upload plugin used in it. A cross-site scripting vulnerability...