116 matches found
CVE-2025-60500
QDocs Smart School Management System 7.1 allows authenticated users with roles such as "accountant" or "admin" to bypass file type restrictions in the media upload feature by abusing the alternate YouTube URL option. This logic flaw permits uploading of arbitrary PHP files, which are stored in a...
EUVD-2024-28180
Malicious code in bioql PyPI...
PT-2025-32551 · Unknown · Auxilium Ratemypet
Name of the Vulnerable Software and Affected Versions: Auxilium RateMyPet affected versions not specified Description: Auxilium RateMyPet contains an unauthenticated arbitrary file upload vulnerability in the upload banners.php file. The banner upload feature does not validate file types or requi...
CVE-2012-10036
Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in tools/uploadfile.php. The upload handler fails to validate the file type or enforce authentication, allowing remote attackers to upload malicious PHP files directly into a web-accessible directory. T...
CVE-2012-10052
EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the uploadify.php script. The application fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files directly into the web-accessible egallery/ directory...
CVE-2012-10045 XODA 0.4.5 Arbitrary PHP File Upload
XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary PHP code on the server. The flaw resides in the upload functionality, which fails to properly validate or restrict uploaded file types. By crafting a multipart/form-data POST...
CVE-2012-10045 XODA 0.4.5 Arbitrary PHP File Upload
XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary PHP code on the server. The flaw resides in the upload functionality, which fails to properly validate or restrict uploaded file types. By crafting a multipart/form-data POST...
CVE-2024-30252
Livemarks is a browser extension that provides RSS feed bookmark folders. Versions of Livemarks prior to 3.7 are vulnerable to cross-site request forgery. A malicious website may be able to coerce the extension to send an authenticated GET request to an arbitrary URL. An authenticated request is ...
CVE-2025-25286
Crayfish is a collection of Islandora 8 microservices, one of which, Homarus, provides FFmpeg as a microservice. Prior to Crayfish version 4.1.0, remote code execution may be possible in web-accessible installations of Homarus in certain configurations. The issue has been patched in...
Crayfish 安全漏洞
Crayfish is a collection of Islandora microservices open-sourced by Islandora. A security vulnerability exists in Crayfish that stems from remote code execution that can occur in Homarus installations that are accessible via the Web under certain configurations...
PT-2025-7251 · Hypercube · Hypercube
Name of the Vulnerable Software and Affected Versions: hypercube affected versions not specified Description: The issue allows for remote code execution in web-accessible installations of hypercube. To exploit this, an attacker must make a request against hypercube's endpoints. Standard security...
Crayfish allows Remote Code Execution via Homarus Authorization header
Impact Remote code execution may be possible in web-accessible installations of Homarus in certain configurations. Patches The issue has been patched in islandora/crayfish:4.1.0 Workarounds The exploit requires making a request against the Homarus's /convert endpoint; therefore, the ability to...
DEBIAN-CVE-2024-32491
An issue was discovered in Znuny and Znuny LTS 6.0.31 through 6.5.7 and Znuny 7.0.1 through 7.0.16 where a logged-in user can upload a file via a manipulated AJAX Request to an arbitrary writable location by traversing paths. Arbitrary code can be executed if this location is publicly available...
PT-2024-23299 · Livemarks · Livemarks
Name of the Vulnerable Software and Affected Versions: Livemarks versions prior to 3.7 Description: The issue allows a malicious website to coerce the extension into sending an authenticated GET request to an arbitrary URL, potentially leading to Privilege Escalation. This occurs because the...
Information Disclosure
microsoft/microsoft-graph-core is vulnerable to Information Disclosure. The vulnerability is due to the inclusion of test code that enables the use of the phpInfo function, specifically through the GetPhpInfo.php script, which can expose sensitive system information if the server is misconfigured...
Information Disclosure
microsoft/microsoft-graph is vulnerable to Information Disclosure. The vulnerability exists in the phpinfo function of GetPhpInfo.php, allowing an attacker to access unauthorized system information such as configuration details, modules, and environment variables. This vulnerability is only...
Design/Logic Flaw
msgraph-sdk-php is the Microsoft Graph Library for PHP. The Microsoft Graph PHP SDK published packages which contained test code that enabled the use of the phpInfo function from any application that could access and execute the file at vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php. The...
GHSA-JM6M-4632-36HF Composer Remote Code Execution vulnerability via web-accessible composer.phar
Impact Users publishing a composer.phar to a public web-accessible server where the composer.phar can be executed as a php file may be impacted if PHP also has registerargcargv enabled in php.ini. Patches 2.6.4, 2.2.22 and 1.10.27 patch this vulnerability. Workarounds Make sure registerargcargv i...
Composer Remote Code Execution vulnerability via web-accessible composer.phar
Impact Users publishing a composer.phar to a public web-accessible server where the composer.phar can be executed as a php file may be impacted if PHP also has registerargcargv enabled in php.ini. Patches 2.6.4, 2.2.22 and 1.10.27 patch this vulnerability. Workarounds Make sure registerargcargv i...
Remote Code Execution via web-accessible composer
Composer project reports: Description: Users publishing a composer.phar to a public web-accessible server where the composer.phar can be executed as a php file may be impacted if PHP also has registerargcargv enabled in php.ini. Workaround: Make sure registerargcargv is disabled in php.ini, and...