205 matches found
CVE-2021-47839
CVE-2021-47839 concerns Marky 0.0.1, where a persistent cross-site scripting (XSS) flaw allows attackers to inject and store JavaScript in uploaded markdown files. When such files are opened, embedded scripts can execute, potentially enabling remote code execution. The provided documents describe...
CVE-2026-21625
User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads are purely checked by file extensions, no mime type checks are happening...
Markdown Explorer security vulnerabilities
Markdown Explorer is a Markdown document browser developed by jersou. Version 0.1.1 of Markdown Explorer contains a security vulnerability; this vulnerability stems from cross-site scripting in file uploads and editor inputs, which may lead to remote code execution...
SiYuan cross-site scripting vulnerabilities
SiYuan is a privacy-oriented personal knowledge management system developed by SiYuan. Versions of SiYuan prior to 3.5.4-dev2 contained a cross-site scripting vulnerability. This vulnerability stemmed from uncleaned uploaded SVG files, and could lead to storage-based cross-site scripting attacks...
EUVD-2026-1998
WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry. Prior to 1.19, WebErpMesv2 contains a file upload validation bypass vulnerability in multiple controllers that allows authenticated users to upload arbitrary files, including PHP scripts, leading to Remote...
e-point CMS 安全漏洞
e-point CMS is a content management system from e-point Poland. A security vulnerability exists in e-point CMS eagle.gsam-1169.1 version, which stems from the file upload feature not adequately validating archived content, which could lead to remote code execution...
CVE-2025-63317
Todoist v8896 is vulnerable to Cross Site Scripting XSS in /api/v1/uploads. Uploaded SVG files have no sanitization applied, so embedded JavaScript executes when a user opens the attachment from a task/comment...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via SVG files in diagram type products. An attacker can execute arbitrary web scripts or HTML in the context of a user's browser by uploading a specially crafted SVG file. Details Cross-site scripting or XSS is ...
CVE-2025-60451
A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists due to insufficient validation and sanitization of SVG file uploads in the app\system\include\module\uploadify.class.php component, specifically in the website settings module...
CVE-2025-59525 Horilla has Improper Input Sanitization Leading to XSS and Admin Account Takeover
Horilla is a free and open source Human Resource Management System HRMS. Prior to version 1.4.0, improper sanitization across the application allows XSS via uploaded SVG and via allowed , which can be chained to execute JavaScript whenever users view impacted content e.g., announcements. This can...
FreeBSD : Gitlab -- Vulnerabilities (602fc0fa-8ece-11f0-9d03-2cf05da270f3)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 602fc0fa-8ece-11f0-9d03-2cf05da270f3 advisory. Gitlab reports: Denial of Service issue in SAML Responses impacts GitLab CE/EE Server-Side...
CVE-2025-55944
Slink v1.4.9 allows stored cross-site scripting XSS via crafted SVG uploads. When a user views the shared image in a new browser tab, the embedded JavaScript executes. The issue affects both authenticated and unauthenticated users...
CVE-2025-56761
Memos 0.22 is vulnerable to Stored Cross site scripting XSS vulnerabilities by the upload attachment and user avatar features. Memos does not verify the content type of the uploaded data and serve it back as is. An authenticated attacker can use this to elevate their privileges when the stored XS...
PT-2025-34258 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions 10.8.x through 10.8.3 Mattermost versions 10.5.x through 10.5.8 Mattermost versions 10.10.x through 10.10.0 Mattermost versions 10.9.x through 10.9.3 Description: The application fails to sanitize file names, potentially...
Windows-Privilege-Escalation
Windows-Privilege-Escalation Here is my step-by-step windows privlege escalation methodology. This guide assumes you are starting with a very limited shell like a webshell, netcat reverse shell or a remote telnet connection. First things first and quick wins Do some basic enumeration to figure ou...
External Control of File Name or Path
Overview OctoPrint is a snappy web interface for your 3D printer Affected versions of this package are vulnerable to External Control of File Name or Path via the upload endpoints. An attacker with the FILEUPLOAD permission can move files from the host into the upload folder, from where they can ...
WordPress plugin Bit File Manager 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Bit File Manager plugin, which stems from insufficient input cleanup and escaping during SVG file uploads, and no...
CVE-2013-3520
VMware vCenter Chargeback Manager aka CBM before 2.5.1 does not proper handle uploads, which allows remote attackers to execute arbitrary code via unspecified vectors...
Schweitzer Engineering Laboratories SEL Series 安全漏洞
Schweitzer Engineering Laboratories SEL Series is a series of software and firmware products from Schweitzer Engineering Laboratories, Inc. A security vulnerability exists in the Schweitzer Engineering Laboratories SEL Series that stems from an improper pathname restriction could lead to file...
DRUPAL-CONTRIB-2025-057
The Advanced File Destination module enhances file upload management in Drupal by allowing users to choose and create custom directories during file uploads. The module has multiple vulnerabilities that were reported through the Drupal Security Team's coordinated vulnerability process. The projec...