CVE-2026-10550

A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java of the component Application Deployment Module. This manipulation of the argument uploadPath causes command injection. Remote exploitation of the attack is possible. The exploi...

ELADMIN 命令注入漏洞

ELADMIN is a backend management system developed by elunez’s individual developer. Versions of ELADMIN 2.7 and earlier had a command injection vulnerability. This vulnerability stemmed from the operation of the uploadPath parameter in the App.java file within the Application Deployment Module...

Yifang CMS 代码问题漏洞

Yifang CMS is a PHP enterprise website development and construction management system of China Yifang Company. A code issue vulnerability exists in Yifang CMS 2.0.2 and earlier versions, which stems from the incorrect operation of the parameter uploadpath of the function webUploader of the...

PT-2024-37192 · WordPress · Wordpress File Upload

Name of the Vulnerable Software and Affected Versions: WordPress File Upload plugin for WordPress versions up to, and including, 4.24.7 Description: The issue allows authenticated attackers with Contributor-level access and above to upload limited files to arbitrary locations on the web server du...