CVE-2024-11680

ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. Remote, unauthenticated attackers can exploit this flaw by sending crafted HTTP requests to options.php, enabling unauthorized modification of the application's configuration. Successful exploitation...

Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity

Exploiting CVE-2024-27198-RCE Vulnerability In this project, I...

WordPress plugin WR Price List Manager For Woocommerce 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists in t...

CVE-2025-21624

ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 239, a file upload vulnerability exists in the Manage Playlist functionality of the application, specifically surrounding the uploading of playlist cover images. Without proper checks, an attacker can upload a PHP script...

EUVD-2025-2576

ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 239, a file upload vulnerability exists in the Manage Playlist functionality of the application, specifically surrounding the uploading of playlist cover images. Without proper checks, an attacker can upload a PHP script...

CVE-2025-21624 ClipBucket V5 Playlist Cover File Upload to Remote Code Execution

ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 239, a file upload vulnerability exists in the Manage Playlist functionality of the application, specifically surrounding the uploading of playlist cover images. Without proper checks, an attacker can upload a PHP script...

PT-2025-4308

Name of the Vulnerable Software and Affected Versions ClipBucket V5 versions prior to 5.5.1 - 239 Description A file upload vulnerability exists in the Manage Playlist functionality of the application, specifically surrounding the uploading of playlist cover images. Without proper checks, an...

ClipBucket 代码问题漏洞

ClipBucket is an open source and freely downloadable PHP script from MacWarrior Open Source. It is used for sharing video sites. A security vulnerability exists in ClipBucket V5 5.5.1 - 238 and prior versions, which stems from an incorrect check in the file upload functionality that could allow a...

Chamilo v1.11.24 Unrestricted File Upload PHP Webshell

Chamilo LMS is a free software e-learning and content management system. In versions prior to use exploit/linux/http/chamilobiguploadwebshell msf exploitchamilobiguploadwebshell show targets ...targets... msf exploitchamilobiguploadwebshell set TARGET msf exploitchamilobiguploadwebshell show...

TRCore DVC File Upload Vulnerability

TRCore DVC is a file insurance system from TRCore China. TRCore DVC suffers from a file upload vulnerability, which stems from unrestricted upload file types, and can be exploited by an attacker to upload arbitrary files to any directory, and achieve arbitrary code execution by uploading a webshe...

TRCore DVC File Upload Vulnerability (CNVD-2024-46432)

TRCore DVC is a file insurance system from TRCore China. TRCore DVC suffers from a file upload vulnerability that can be exploited by an attacker to upload arbitrary files to any directory and achieve arbitrary code execution by uploading a webshell...

TRCore DVC File Upload Vulnerability (CNVD-2024-46435)

TRCore DVC is a file insurance system from TRCore China. TRCore DVC suffers from a file upload vulnerability that can be exploited by an attacker to upload arbitrary files to any directory and achieve arbitrary code execution by uploading a webshell...

TRCore DVC File Upload Vulnerability (CNVD-2024-46433)

TRCore DVC is a file insurance system from TRCore China. TRCore DVC suffers from a file upload vulnerability that can be exploited by an attacker to upload arbitrary files to any directory and achieve arbitrary code execution by uploading a webshell...

CVE-2024-11315

The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells...

CVE-2024-11313

The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells...

CVE-2024-11312

The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells...

CVE-2024-11311

The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells...

CVE-2024-11311

The CVE-2024-11311 entry concerns TRCore DVC (File Upload Vulnerability). The connected documents describe a Path Traversal flaw in DVC that does not restrict uploaded file types, allowing unauthenticated remote attackers to upload arbitrary files to any directory and achieve arbitrary code execu...

TRCore DVC 安全漏洞

TRCore DVC is a file insurance system from TRCore China. TRCore DVC suffers from a file upload vulnerability that can be exploited by an attacker to upload arbitrary files to any directory and achieve arbitrary code execution by uploading a webshell...

TRCore DVC 安全漏洞

TRCore DVC is a file insurance system from TRCore China. TRCore DVC suffers from a file upload vulnerability that can be exploited by an attacker to upload arbitrary files to any directory and achieve arbitrary code execution by uploading a webshell...