65 matches found
EUVD-2019-19746
FileThingie 2.5.7 contains an arbitrary file upload vulnerability that allows attackers to upload malicious files by sending ZIP archives through the ft2.php endpoint. Attackers can upload ZIP files containing PHP shells, use the unzip functionality to extract them into accessible directories, an...
EUVD-2026-8766
Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Prior to version 0.133.0, when model render generation is enabled, a logged-in user can achieve RCE by uploading a ZIP containing a file with a shell metacharacter ...
CVE-2025-69212 OpenSTAManager has an OS Command Injection in P7M File Processing
OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a critical OS Command Injection vulnerability exists in the P7M signed XML file decoding functionality. An authenticated attacker can upload a ZIP file containing a .p7m file with a...
CVE-2026-24673
The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a file upload validation bypass vulnerability allows attackers to upload files with prohibited extensions by embedding them inside ZIP archives and extracting them using the...
EUVD-2025-206602
IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive containing path traversal sequences resulting in an overwrite of files leading to arbitrary code execution...
CVE-2026-24479
HUSTOF is an open source online judge based on PHP/C++/MySQL/Linux for ACM/ICPC and NOIP training. Prior to version 26.01.24, the problemimportqduoj.php and problemimporthoj.php modules fail to properly sanitize filenames within uploaded ZIP archives. Attackers can craft a malicious ZIP file...
HUSTOJ Path Traversal Vulnerability
HUSTOJ is a popular OJ system developed by Zhang Haobin zhblue from China. Versions of HUSTOJ before 26.01.24 contained a path traversal vulnerability. This vulnerability stemmed from the improper cleaning of file names in uploaded ZIP archives by the problemimportqduoj.php and problemimporthoj.p...
CVE-2025-14476
The Doubly – Cross Domain Copy Paste for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.46 via deserialization of untrusted input from the content.txt file within uploaded ZIP archives. This makes it possible for authenticated...
Denial Of Service (DoS)
processwire/processwire is vulnerable to Denial of Service. The vulnerability is due to automatic extraction of user-supplied ZIP files uploaded via Language Support without size or resource limits prior to validation, which allows an attacker with low privileges to upload a crafted ZIP and trigg...
CVE-2025-65806
The E-POINT CMS eagle.gsam-1169.1 file upload feature improperly handles nested archive files. An attacker can upload a nested ZIP a ZIP containing another ZIP where the inner archive contains an executable file e.g. webshell.php. When the application extracts the uploaded archives, the executabl...
CVE-2025-65806
The E-POINT CMS eagle.gsam-1169.1 file upload feature improperly handles nested archive files. An attacker can upload a nested ZIP a ZIP containing another ZIP where the inner archive contains an executable file e.g. webshell.php. When the application extracts the uploaded archives, the executabl...
CVE-2025-65806
The E-POINT CMS eagle.gsam-1169.1 file upload feature improperly handles nested archive files. An attacker can upload a nested ZIP a ZIP containing another ZIP where the inner archive contains an executable file e.g. webshell.php. When the application extracts the uploaded archives, the executabl...
Data Amplification
Overview processwire/processwire is a CMS/CMF. Affected versions of this package are vulnerable to Data Amplification via the Language Support admin interface. A user with lang-edit permission can cause resource exhaustion by uploading a malicious ZIP file that is automatically extracted without...
GHSA-9P44-Q66P-XM6P ProcessWire CMS vulnerable to resource-exhaustion Denial of Service
ProcessWire CMS 3.0.246 allows a low-privileged user with lang-edit to upload a crafted ZIP to Language Support that is auto-extracted without limits prior to validation, enabling resource-exhaustion Denial of Service...
EUVD-2025-30220
Malicious code in bioql PyPI...
CVE-2025-10690
The Goza - Nonprofit Charity WordPress Theme theme for WordPress is vulnerable to unauthorized arbitrary file uploads due to a missing capability check on the 'beplusimportpackinstallplugin' function in all versions up to, and including, 3.2.2. This makes it possible for unauthenticated attackers...
WordPress Alone Theme 7.8.3 Arbitrary Plugin Upload / Code Execution
WordPress Alone Theme versions 7.8.3 and below are vulnerable to an unauthenticated arbitrary file upload vulnerability. This flaw allows unauthenticated attackers to upload and install arbitrary plugin ZIP files from remote URLs via an unprotected AJAX endpoint — resulting in remote code executi...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the charms HTTP API endpoint when handling uploaded ZIP files. An attacker can overwrite arbitrary files on the server by uploading a specially crafted ZIP archive containing directory traversal sequences,...
CVE-2023-29657
eXtplorer 2.1.15 is vulnerable to Insecure Permissions. File upload in file manager allows uploading zip file containing php pages with arbitrary code executions...
CVE-2025-34028 Commvault Command Center Innovation Release <= 11.38.25 Unathenticated Install Package Path Traversal
The Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files that represent install packages that, when expanded by the target server, are vulnerable to path traversal vulnerability that can result in Remote Code Execution via malicious JSP. This issue affec...