Pachno 代码问题漏洞

Pachno is an open-source collaboration platform developed by Pachno. Version 1.0.6 of Pachno contains code vulnerabilities; these vulnerabilities stem from ineffective file upload filtering, which could allow the upload of arbitrary files and execution of remote code...

Horilla security vulnerabilities

Horilla is a free open-source human resources software developed by Horilla Company. Versions of Horilla prior to 1.5.0 contained security vulnerabilities. These vulnerabilities were caused by file upload vulnerabilities combined with social engineering techniques, which could lead to credential...

EUVD-2014-0380

Malware in sbrugna...

EUVD-2018-2720

Malware in sbrugna...

EUVD-2009-4782

Malware in sbrugna...

EUVD-2015-6598

Malware in sbrugna...

EUVD-2011-4954

Malware in sbrugna...

EUVD-2025-16177

Malicious code in bioql PyPI...

EUVD-2025-16179

Malicious code in bioql PyPI...

EUVD-2025-6891

Malicious code in bioql PyPI...

AlmaLinux 9 : tomcat (ALSA-2025:14181)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:14181 advisory. tomcat: Apache Tomcat DoS in multipart upload CVE-2025-48988 tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources CVE-2025-49125...

Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits

Cybersecurity researchers have disclosed now-patched critical security flaws in the firmware of Dahua smart cameras that, if left unaddressed, could allow attackers to hijack control of susceptible devices. "The flaws, affecting the device's ONVIF protocol and file upload handlers, allow...

CVE-2025-30169

File upload and execute vulnerabilities in ASPECT allow PHP script injection if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVE-2025-30173

File upload vulnerabilities are present in ASPECT if session administrator credentials become compromised This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVE-2022-32119

Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1financemaster.inc.php...

CVE-2025-30173

File upload vulnerabilities are present in ASPECT if session administrator credentials become compromised This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVE-2025-30169

File upload and execute vulnerabilities in ASPECT allow PHP script injection if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVE-2025-30173

Summary: CVE-2025-30173 affects ABB’s ASPECT product line (ASPECT-Enterprise, NEXUS Series, MATRIX Series) up to version 3.08.03. The issue is a file upload vulnerability that can be triggered if a session administrator credentials are compromised. According to sources, exploitation is a network ...

PT-2025-22520 · Unknown · Nexus Series +2

Name of the Vulnerable Software and Affected Versions: ASPECT-Enterprise versions through 3.08.03 NEXUS Series versions through 3.08.03 MATRIX Series versions through 3.08.03 Description: The issue allows PHP script injection if session administrator credentials become compromised. This is relate...

CVE-2005-2998

PHP Advanced Transfer Manager 1.30 has a default password for the administrator user, which allows remote attackers to upload and execute arbitrary PHP files...