CVE-2025-67707

ArcGIS Server version 11.5 and earlier on Windows and Linux does not properly validate uploaded files file, which allows remote attackers to upload arbitrary files...

Esri ArcGIS Server 代码问题漏洞

Esri ArcGIS Server is a web-oriented enterprise software platform available for providing geolocation services from Esri. A code issue vulnerability exists in Esri ArcGIS Server 11.5 and prior versions that stems from not properly validating an uploaded file, which could result in the upload of a...

CVE-2025-66384

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmpname...

CVE-2025-66384

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmpname...

CVE-2025-66384

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmpname...

MISP 安全漏洞

MISP is an open source software solution from MISP Open Source. The product is used to collect, store, distribute, and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A security vulnerability exists in MISP versions prior to 2.5.24 th...

CVE-2025-66384

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmpname...

EUVD-2025-199869

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmpname...

EUVD-2023-34432

Malicious code in bioql PyPI...

CVE-2025-58159 WeGIA Authenticated Arbitrary File Upload Leading To Remote Code Execution (RCE)

WeGIA is a Web manager for charitable institutions. Prior to version 3.4.11, a remote code execution vulnerability was identified, caused by improper validation of uploaded files. The application allows an attacker to upload files with arbitrary filenames, including those with a .php extension...

Code-Projects Simple Forum 代码问题漏洞

Simple forum is a simple forum. Simple forum has a code issue vulnerability that stems from the lack of valid validation of uploaded files in the parameter File in the file /forum1.php. An attacker can exploit this vulnerability to upload malicious files...

IBM Security ReaQta 代码问题漏洞

IBM Security ReaQta is an AI autonomous detection and response platform from International Business Machines IBM. IBM Security ReaQta version 3.12 suffers from a code issue vulnerability that stems from the application's lack of effective validation of uploaded files. An attacker can exploit the...

CVE-2025-22389

An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity vulnerability exists in the CMS, where the application does not properly validate uploaded files. This allows the upload of potentially malicious file types, including .docm .html. When accessed by...

Optimizely EPiServer.CMS.Core 安全漏洞

Optimizely EPiServer.CMS.Core is a content management system core from Optimizely, Inc. A security vulnerability exists in Optimizely EPiServer.CMS.Core versions prior to 12.32.0 that stems from not properly validating uploaded files...

CVE-2022-1273

The Import WP WordPress plugin before 2.4.6 does not validate the imported file in some cases, allowing high privilege users such as admin to upload arbitrary files such as PHP, leading to RCE...