3 matches found
CVE-2025-65897
zdhweb is a data collection, processing, monitoring, scheduling, and management platform. In zdhweb thru 5.6.17, insufficient validation of file upload paths in the application allows an authenticated user to write arbitrary files to the server file system, potentially overwriting existing files...
CVE-2025-65897
CVE-2025-65897 affects zdh_web up to version 5.6.17. The issue is insufficient validation of file upload paths, allowing an authenticated user to write arbitrary files to the server filesystem, potentially overwriting files and enabling privilege escalation or remote code execution. Multiple sour...
Arbitrary File Upload
dilab/resumable.php is vulnerable to Arbitrary File Upload. The vulnerability arises due to a lack of file upload path validation within Resumable.php. An attacker can arbitrarily upload any non existing file on the filesystem...