CVE-2024-58348 WordPress Background Image Cropper 1.2 Remote Code Execution

WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to upload arbitrary files by accessing the ups.php endpoint. Attackers can upload PHP files through the file upload form in the plugin directory to execute arbitrary...

PT-2025-3572 · Zenitel · Zenitel Alphaweb Xe

Name of the Vulnerable Software and Affected Versions: Zenitel AlphaWeb XE version 11.2.3.10 Description: The issue is related to a local file inclusion vulnerability. It affects the component amc uploads.php. There is no information provided about the estimated number of potentially affected...

GLPI Cartography Plugin v6.0.0 - Unauthenticated Remote Code Execution Vulnerability

Exploit Title: GLPI Cartography Plugin v6.0.0 - Unauthenticated Remote Code Execution RCE Application: GLPI Cartography...

CVE-2022-28033

Atom.CMS 2.0 is vulnerable to SQL Injection via Atom.CMSadminuploads.php...

CVE-2022-25487

Atom CMS v2.0 was discovered to contain a remote code execution RCE vulnerability via /admin/uploads.php...