2189 matches found

RedhatCVE
added 2025/03/13 9:57 p.m. | 14 views

CVE-2025-28915

Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit themeegg-toolkit allows Upload a Web Shell to a Web Server. This issue affects ThemeEgg ToolKit: from n/a through = 1.2.9...

9.1 CVSS | 7.2 AI score | 0.01188 EPSS
Exploits: 3 | References: 1

NVD
added 2025/03/11 9:15 p.m. | 12 views

CVE-2025-28915

Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit themeegg-toolkit allows Upload a Web Shell to a Web Server. This issue affects ThemeEgg ToolKit: from n/a through = 1.2.9...

9.1 CVSS | 0.01188 EPSS
Exploits: 3 | References: 1

CVE
added 2025/03/11 9:1 p.m. | 74 views

CVE-2025-28915

ThemeEgg ToolKit (WordPress)

9.1 CVSS | 7.2 AI score | 0.01188 EPSS
Exploits: 3 | References: 1

Vulnrichment
added 2025/03/11 9:1 p.m. | 20 views

CVE-2025-28915 WordPress ThemeEgg ToolKit plugin <= 1.2.9 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit themeegg-toolkit allows Upload a Web Shell to a Web Server. This issue affects ThemeEgg ToolKit: from n/a through = 1.2.9...

9.1 CVSS | 8.5 AI score | 0.01188 EPSS
Exploits: 3 | References: 1

Cvelist
added 2025/03/11 9:1 p.m. | 24 views

CVE-2025-28915 WordPress ThemeEgg ToolKit plugin <= 1.2.9 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit themeegg-toolkit allows Upload a Web Shell to a Web Server. This issue affects ThemeEgg ToolKit: from n/a through = 1.2.9...

9.1 CVSS | 0.01188 EPSS
Exploits: 3 | References: 1

OSV
added 2025/03/11 3:15 p.m. | 2 views

CVE-2024-51319

A local file include vulnerability in the /servlet/Report of Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution by uploading a jsp web/reverse shell through /jsp/zimgupload.jsp...

7.3 CVSS | 5.9 AI score
Exploits: 0 | References: 1

NVD
added 2025/03/11 3:15 p.m. | 8 views

CVE-2024-51319

A local file include vulnerability in the /servlet/Report of Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution by uploading a jsp web/reverse shell through /jsp/zimgupload.jsp...

7.3 CVSS | 0.0043 EPSS
Exploits: 1 | References: 1

CVE
added 2025/03/11 12:0 a.m. | 54 views

CVE-2024-51319

CVE-2024-51319: A local file inclusion in Zucchetti Ad Hoc Infinity 2.4’s /servlet/Report, exploited by uploading a JSP web/reverse shell through /jsp/zimg_upload.jsp, allows an authenticated attacker to achieve Remote Code Execution. The vulnerability is locally exploitable with LOW user intera...

7.3 CVSS | 7.3 AI score | 0.0043 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

0day.today
added 2025/03/06 12:0 a.m. | 144 views

Resto - Single Vendor Online Food Ordering Shell Upload Vulnerability

Title: Resto - Single Vendor Online Food Ordering - Authenticated RCE Description: Resto Single Vendor Online Source URL: https://res.newmedilife.in/admin Source Name/Email: Mehmet Can Kadıoğlu a.k.a mao7un CVEs: N/A Software URL:...

7.4 AI score
Exploits: 0

Packet Storm
added 2025/03/05 12:0 a.m. | 264 views

ZENworks Configuration Management 11.1a Shell Upload

ZENworks Configuration Management version 11.1a suffers from a remote shell upload vulnerability. Title: ZENworks Configuration Management 11.1a PHP Cod...

5 CVSS | 7.5 AI score | 0.2826 EPSS
Exploits: 4

Securelist
added 2025/02/28 4:0 a.m. | 11 views

The SOC files: Chasing the web shell

Web shells have evolved far beyond their original purpose of basic remote command execution, and many now function more like lightweight exploitation frameworks. These tools often include features such as in-memory module execution and encrypted command-and-control C2 communication, giving...

8.3 AI score
Exploits: 0

RedhatCVE
added 2025/02/24 4:21 p.m. | 10 views

CVE-2025-26776

Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload a Web Shell to a Web Server. This issue affects Chaty Pro: from n/a through 3.3.3...

10 CVSS | 8.8 AI score | 0.00604 EPSS
Exploits: 0 | References: 1

NVD
added 2025/02/22 4:15 p.m. | 16 views

CVE-2025-26776

Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload a Web Shell to a Web Server. This issue affects Chaty Pro: from n/a through 3.3.3...

10 CVSS | 0.00604 EPSS
Exploits: 0 | References: 1

CVE
added 2025/02/22 3:52 p.m. | 104 views

CVE-2025-26776

CVE-2025-26776 affects WordPress Chaty Pro plugin versions n/a through 3.3.3. The root cause is an Unrestricted Upload of File with Dangerous Type, enabling an attacker to upload a Web Shell to the web server. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) indicates a remote, unauthent...

10 CVSS | 8.8 AI score | 0.00604 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2025/02/22 3:52 p.m. | 47 views

CVE-2025-26776 WordPress Chaty Pro Plugin <= 3.3.3 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload a Web Shell to a Web Server. This issue affects Chaty Pro: from n/a through 3.3.3...

10 CVSS | 8.8 AI score | 0.00604 EPSS
Exploits: 0 | References: 1

Cvelist
added 2025/02/22 3:52 p.m. | 17 views

CVE-2025-26776 WordPress Chaty Pro Plugin <= 3.3.3 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload a Web Shell to a Web Server. This issue affects Chaty Pro: from n/a through 3.3.3...

10 CVSS | 0.00604 EPSS
Exploits: 0 | References: 1

CNNVD
added 2025/02/22 12:0 a.m. | 3 views

WordPress plugin Chaty Pro code issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability...

10 CVSS | 8.8 AI score | 0.00604 EPSS
Exploits: 0 | References: 2

CNNVD
added 2025/02/17 12:0 a.m. | 4 views

Learning Digital Orca HCM code issue vulnerability

Learning Digital Orca HCM is a digital learning platform from China-based Learning Digital. A code issue vulnerability exists in Learning Digital Orca HCM, which stems from an improper implementation of the file upload functionality. An attacker can exploit the vulnerability to upload and run a W...

8.8 CVSS | 7 AI score | 0.00472 EPSS
Exploits: 0 | References: 2

RedhatCVE
added 2025/02/06 3:39 a.m. | 10 views

CVE-2021-26634

SQL injection and file upload attacks are possible due to insufficient validation of input values in some parameters and variables of files compromising Maxboard, which may lead to arbitrary code execution or privilege escalation. Attackers can use these vulnerabilities to perform attacks such as...

9.8 CVSS | 8.7 AI score | 0.013 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/06 2:56 a.m. | 3 views

CVE-2025-23953

Unrestricted Upload of File with Dangerous Type vulnerability in Scriptonite user files user-files allows Upload a Web Shell to a Web Server. This issue affects user files: from n/a through = 2.4.2...

10 CVSS | 7.2 AI score | 0.00611 EPSS
Exploits: 0 | References: 1