EUVD-2025-199678

Unauthenticated Arbitrary File Deletion upgradecontents.php in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform The deleteupgrade parameter allows unauthenticated deletion of arbitrary...

CVE-2025-61188

Jeecgboot versions 3.8.2 and earlier are affected by a path traversal vulnerability. This vulnerability allows attackers to upload files with system-whitelisted extensions to the system directory /opt, instead of the /opt/upFiles directory specified by the web server...

Design/Logic Flaw

An arbitrary file upload vulnerability in /classes/profile.class.php in Jigowatt "PHP Login & User Management" before 4.1.1, as distributed in the Envato Market, allows any remote authenticated user to upload .php files to the web server via a profile avatar field. This results in arbitrary code...

Page Manager CMS 2006-02-04 - Arbitrary File Upload

================================================================ Page Manager CMS Remote Arbitrary File Upload Vulnerability ================================================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...