68984 matches found
CVE-2026-57827
The CVE-2026-57827 entry concerns the Joomla extension RSFiles (RSFiles component) from rsjoomla.com, affected versions prior to 1.17.12. The vulnerability is an unauthenticated arbitrary file upload that can upload executable files, enabling full remote code execution (RCE). The connected record...
EUVD-2026-43168
The Joomla extension RSFiles is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE...
CVE-2026-57828
The CVE-2026-57828 entry concerns the Joomla extension Phoca Downloads (Phoca.cz) with an authenticated arbitrary file upload vulnerability in the RSFiles component prior to 6.1.3. The issue allows registered users to upload executable files, enabling full remote code execution (RCE). The provide...
EUVD-2026-43167
The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file upload that allows registered users uploading executable files and leads to full RCE...
EUVD-2026-43158
The WCFM Marketplace – Multivendor Marketplace for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Attachment 'posttitle' in all versions up to, and including, 3.7.3 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-2354
CVE-2026-2354 affects the Swiss Toolkit For WP WordPress plugin up to version 1.4.6. A flawed file type validation bypass in upload_extension_files() hooks into wp_check_filetype_and_ext and uses strpos() on the filename to validate extensions instead of checking the actual file type. This enable...
EUVD-2026-43133
The Swiss Toolkit For WP plugin for WordPress is vulnerable to arbitrary file upload due to a flawed file type validation bypass in the uploadextensionfiles function in all versions up to, and including, 1.4.6. The uploadextensionfiles function hooks into WordPress's wpcheckfiletypeandext filter...
EUVD-2026-43116
OpenPLC Runtime v3 contains an authenticated arbitrary file write vulnerability in the legacy web UI program‑upload workflow. The application stores an attacker‑supplied filename progfile directly into the Programs.File database field and later uses this value as the destination path for an...
Joomla! JCE extension < 2.9.99.5 unauthenticated RCE
Joomla JCE editor extension contains an unrestricted file upload vulnerability caused by allowing unauthenticated users to create new editor profiles, letting attackers upload and execute PHP code remotely, exploit requires no authentication. id: CVE-2026-48907 info: name: Joomla! JCE extension...
Adobe ColdFusion - Unrestricted File Upload Remote Code Execution
Adobe ColdFusion versions July 12 release 2018.0.0.310739, Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution. id: CVE-2018-15961 info: name: Adobe ColdFusion - Unrestricted File Upload...
DELMIA Apriso - Command Injection
An Improper Control of Generation of Code code injection / file upload → RCE vulnerability affecting DELMIA Apriso Release 2020 → Release 2025. When an authenticated user can upload files and the upload handler fails to canonicalize filenames or enforce storage restrictions, an attacker may place...
Samsung MagicINFO 9 Server 21.1050.0 - Remote Code Execution
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority. id: CVE-2024-7399 info: name: Samsung MagicINFO 9 Server 21.1050.0 - Remote Code Execution author:...
Likeshop < 2.5.7.20210311 - Arbitrary File Upload
A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file with an...
Cisco HyperFlex HX Data Platform - Arbitrary File Upload
Cisco HyperFlex HX Data Platform contains an arbitrary file upload vulnerability in the web-based management interface. An attacker can send a specific HTTP request to an affected device, thus enabling upload of files to the affected device with the permissions of the tomcat8 user. id:...
PhpColl 2.5.1 Arbitrary File Upload
PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in logosclients/ via clients/editclient.php. id: CVE-2017-6090 info: name: PhpColl 2.5.1 Arbitrary File Uplo...
PT-2026-57426
Name of the Vulnerable Software and Affected Versions Phoca Downloads affected versions not specified Description An authenticated arbitrary file upload issue exists in the Phoca Downloads extension. This flaw allows registered users to upload executable files, which can lead to remote code...
PT-2026-57425
Name of the Vulnerable Software and Affected Versions RSFiles versions prior to 1.17.12 Description An unauthenticated arbitrary file upload flaw allows attackers to upload executable files, which can lead to full Remote Code Execution RCE, a state where an attacker can execute arbitrary commands...
PT-2026-57441
Name of the Vulnerable Software and Affected Versions Parse Server versions 9.0.0 through 9.10.0-alpha.1 Parse Server versions 8.x through 8.6.83 Description A stored cross-site scripting XSS issue exists when the software fails to recognize an uploaded file's extension via the mime package,...
CVE-2026-14480
CVE-2026-14480 affects OpenPLC Runtime v3. An authenticated user can write arbitrary files via the legacy web UI program-upload workflow by storing a attacker-controlled filename (prog_file) that is later used as the destination path. Python os.path.join() honors absolute paths, enabling writes a...
CVE-2026-55466
Snipe-IT prior to 8.6.2 is affected. The vulnerability arises because UploadFileRequest sanitizes SVGs only when PHP finfo reports image/svg+xml and UploadedFilesController serves attachments inline without StorageHelper::allowSafeInline(), allowing a low-privilege user to upload active XHTML or ...