25 matches found
CVE-2025-50191
Chamilo is a learning management system. Prior to version 1.11.30, there is an error-based SQL Injection via POST userFile with the /main/exercise/hotpotatoes.php script. This issue has been patched in version 1.11.30...
CVE-2025-50191
Chamilo LMS is affected by an error-based SQL injection in the /main/exercise/hotpotatoes.php script via POST to userFile, exploitable on versions prior to 1.11.30. The vulnerability allows an attacker to impact confidentiality and availability (HIGH severity per CVSS 4.0 metrics), with attack ve...
CVE-2025-50191 Chamilo: Error-based SQL Injection via POST userFile with the /main/exercise/hotpotatoes.php script
Chamilo is a learning management system. Prior to version 1.11.30, there is an error-based SQL Injection via POST userFile with the /main/exercise/hotpotatoes.php script. This issue has been patched in version 1.11.30...
EUVD-2006-6895
Malware in sbrugna...
EUVD-2017-4295
Malware in sbrugna...
Yonyou YonBIP MA Path Traversal Vulnerability
YonBIP is a new generation of products developed by UFIDA, as the world's leading enterprise digital intelligence platform and application software. A path traversal vulnerability exists in YonBIP, which originates from improper operation of the parameter path in the file /mobsm/common/userfile,...
PT-2025-35790
Name of the Vulnerable Software and Affected Versions: Chamilo versions prior to 1.11.30 Description: The Chamilo learning management system has an issue due to a lack of validation of XML object sequences. This can allow a remote attacker to execute arbitrary SQL queries. The issue exists in the...
CVE-2023-3804
A vulnerability classified as problematic was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This vulnerability affects unknown code of the file /Service/FileHandler.ashx. The manipulation of the argument userFile leads to unrestricted upload. The exploit has been...
Chengdu Flash Flood Disaster Monitoring and Warning System Code Issue Vulnerability
Chengdu Flash Flood Disaster Monitoring and Warning System is a flash flood disaster monitoring and warning system in Chengdu. A code issue exists in version 2.0 of the Chengdu Flash Flood Disaster Monitoring and Warning System where an incorrect operation of the parameter userFile can lead to...
PT-2023-26261 · Unknown · Chengdu Flash Flood Disaster Monitoring/Warning System
Name of the Vulnerable Software and Affected Versions: Chengdu Flash Flood Disaster Monitoring and Warning System version 2.0 Description: A problematic vulnerability was found in the Chengdu Flash Flood Disaster Monitoring and Warning System. This issue affects the file /Service/FileHandler.ashx...
Free School Management Software 1.0 Cross Site Scripting
Exploit Title: Free School Management Software 1.0 - 'multiple' Stored Cross-Site Scripting XSS Exploit Author: fuzzyap1 Date: 7-12-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/15073/free-school-management-software.html Software Link:...
Exploit for Missing Authentication for Critical Function in Atlassian Jira
CVE-2019-8449 Proof Of Concept Exploit f...
[SECURITY] [DLA 1063-1] extplorer security update
Package : extplorer Version : 2.1.0b6+dfsg.3-4+deb7u5 CVE ID : CVE-2017-12756 CVE-2017-12756 Fix command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter. For Debian 7 "Wheezy", these problems have been fixed in...
Extplorer Command Injection Vulnerability
eXtplorer is a PHP-based online file management program that supports online browsing of files and folders as well as logging into FTP servers as an FTP client. A command injection vulnerability exists in eXtplorer 2.1.9 and earlier versions. The vulnerability can be exploited to inject commands...
CVE-2017-12756
Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter...
Command injection
Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter...