2180 matches found
CVE-2025-56295
CVE-2025-56295 affects the code-projects Computer Laboratory System 1.0. The issue is a file upload vulnerability in the avatar modification flow, where the upload feature does not restrict file types, enabling staff to upload malicious PHP backdoor files. This can be leveraged to establish a web...
CVE-2025-56295
code-projects Computer Laboratory System 1.0 has a file upload vulnerability. Staff can upload malicious files by uploading PHP backdoor files when modifying personal avatar information and use web shell connection tools to obtain server permissions...
CVE-2025-57642
A Shell Upload vulnerability in Tourism Management System 2.0 allows an attacker to upload and execute arbitrary PHP shell scripts on the server, leading to remote code execution and unauthorized access to the system. This can result in the compromise of sensitive data and system functionality...
CVE-2025-58819
Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image bulk-featured-image allows Upload a Web Shell to a Web Server.This issue affects Bulk Featured Image: from n/a through = 1.2.4...
CVE-2025-58819
Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image bulk-featured-image allows Upload a Web Shell to a Web Server.This issue affects Bulk Featured Image: from n/a through = 1.2.4...
CVE-2025-58819 WordPress Bulk Featured Image plugin <= 1.2.4 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image bulk-featured-image allows Upload a Web Shell to a Web Server.This issue affects Bulk Featured Image: from n/a through = 1.2.4...
CVE-2025-58819
CVE-2025-58819 describes an unrestricted file upload vulnerability in the WordPress plugin Bulk Featured Image (versions up to 1.2.2). The flaw permits uploading files with dangerous types, enabling potential web-shell upload to the web server. Multiple connected sources corroborate the affected ...
CVE-2025-58819 WordPress Bulk Featured Image plugin <= 1.2.4 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image bulk-featured-image allows Upload a Web Shell to a Web Server.This issue affects Bulk Featured Image: from n/a through = 1.2.4...
WordPress plugin Bulk Featured Image 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...
PT-2025-36158
Name of the Vulnerable Software and Affected Versions: CreedAlly Bulk Featured Image versions through 1.2.2 Description: The Bulk Featured Image plugin contains a vulnerability that allows for the unrestricted upload of files with dangerous types, potentially enabling the upload of a web shell to...
CVE-2025-31100
Unrestricted Upload of File with Dangerous Type vulnerability in Mojoomla School Management allows Upload a Web Shell to a Web Server.This issue affects School Management: from n/a through 1.93.1 02-07-2025...
WordPress Mojoomla School Management plugin file upload vulnerability
WordPress Mojoomla School Management plugin is a WordPress plugin mainly used for school management system, support class management, student attendance, grade management, fee collection and other functions. WordPress Mojoomla School Management plugin has a file upload vulnerability, which stems...
CVE-2025-31100
Unrestricted Upload of File with Dangerous Type vulnerability in Mojoomla School Management allows Upload a Web Shell to a Web Server.This issue affects School Management: from n/a through 1.93.1 02-07-2025...
CVE-2025-31100 WordPress School Management Plugin <= 1.93.1 (02-07-2025) - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Mojoomla School Management allows Upload a Web Shell to a Web Server.This issue affects School Management: from n/a through 1.93.1 02-07-2025...
CVE-2025-31100
CVE-2025-31100 relates to an unrestricted file upload vulnerability in the WordPress/“Mojoomla” School Management plugin. The issue allows uploading a Web Shell to the web server and affects versions n/a through 1.93.1 (02-07-2025). The root cause is an unrestricted upload of dangerous file types...
WordPress plugin Mojoomla School Management 代码问题漏洞
WordPress Mojoomla School Management plugin is a WordPress plugin mainly used for school management system, support class management, student attendance, grade management, fee collection and other functions. WordPress Mojoomla School Management plugin has a file upload vulnerability, which stems...
PT-2025-35387
Name of the Vulnerable Software and Affected Versions: Mojoomla School Management versions n/a through 1.93.1 Description: A flaw exists in Mojoomla School Management that allows for unrestricted file uploads, potentially enabling attackers to upload web shells to a web server. This could lead to...
CVE-2025-49387
Unrestricted Upload of File with Dangerous Type vulnerability in add-ons.org Drag and Drop File Upload for Elementor Forms drag-and-drop-file-upload-for-elementor-forms allows Upload a Web Shell to a Web Server.This issue affects Drag and Drop File Upload for Elementor Forms: from n/a through =...
CVE-2025-49387
Unrestricted Upload of File with Dangerous Type vulnerability in add-ons.org Drag and Drop File Upload for Elementor Forms drag-and-drop-file-upload-for-elementor-forms allows Upload a Web Shell to a Web Server.This issue affects Drag and Drop File Upload for Elementor Forms: from n/a through =...
CVE-2025-49387 WordPress Drag and Drop File Upload for Elementor Forms Plugin <= 1.5.3 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in add-ons.org Drag and Drop File Upload for Elementor Forms allows Upload a Web Shell to a Web Server. This issue affects Drag and Drop File Upload for Elementor Forms: from n/a through 1.5.3...