2 matches found
ProjectSend 安全漏洞
ProjectSend cFTP is an open-source hosted application based on PHP and MySQL by ProjectSend. The ProjectSend r2002 version has a security vulnerability, which stems from improper handling of the file upload.php file, potentially leading to cross-site request forgery attacks...
CVE-2025-60445
A stored Cross-Site Scripting XSS vulnerability has been discovered in XunRuiCMS version 4.7.1. The vulnerability exists due to insufficient validation of SVG file uploads in the dayrui/Fcms/Library/Upload.php component, allowing attackers to inject malicious JavaScript code that executes when th...