CVE-2025-60786

A Zip Slip vulnerability in the import a Project component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code via uploading a crafted Zip file...

Linux Distros Unpatched Vulnerability : CVE-2016-7902

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unrestricted file upload vulnerability in the fileUnzip-unzip method in Dotclear before 2.10.3 allows remote authenticated users with permissions to manage medi...

CVE-2025-44139

Emlog Pro V2.5.7 is vulnerable to Unrestricted Upload of File with Dangerous Type via /emlog/admin/plugin.php?action=uploadzip...

CVE-2025-53513

The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through th...

CVE-2025-2490

A vulnerability was found in Dromara ujcms 9.7.5. It has been rated as problematic. Affected by this issue is the function uploadZip/upload of the file /main/java/com/ujcms/cms/ext/web/backendapi/WebFileUploadController.java of the component File Upload. The manipulation leads to cross site...

UJCMS 代码注入漏洞

UJCMS is a Java open source content management system from dromara open source. A code injection vulnerability exists in UJCMS version 9.7.5, which originates from cross-site scripting of the uploadZip/upload function in the File Upload component and could lead to a remote attack...