CVE-2018-25436

The CVE concerns the WordPress plugin Baggage Freight Shipping Australia version 0.1.0, where an unrestricted file upload vulnerability exists via the upload-package.php endpoint. Unauthenticated attackers can submit POST requests with malicious file extensions, and the handler moves files to the...

MAL-2025-37923 Malicious code in upload_package (npm)

The package uploadpackage was found to contain malicious code...

Exploit for CVE-2024-22263

CVE-2024-22263Scanner For Ethical Usage only, Any harmful or...

CVE-2022-2528

In affected versions of Octopus Deploy it is possible to upload a package to built-in feed with insufficient permissions after re-indexing packages...

CVE-2019-11198

Multiple cross-site scripting XSS vulnerabilities in Sitecore CMS 9.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 300583 - List Manager Dashboard module, 2 307638 - Campaign Creator module, 3 316994 - Attributes field, 4 I316995 - Icon Selection module, 5...