A security vulnerability has been detected in code-projects Mobile Shop Management System 1.0. This affects an unknown function of the file AddNewProduct.php. The manipulation of the argument ProductI
A weakness has been identified in SourceCodester Online Student File Management System 1.0. This affects an unknown function of the file /save_file.php. Executing manipulation can lead to unrestricted
The WooCommerce Upload Files plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the upload_files() function in all versions up to, and including, 84.3.
A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected by this vulnerability is an unknown functionality of the file /assets/upl
Amasty Order Attributes for Magento 2 before version 4.0.0 contains an unauthenticated arbitrary file upload vulnerability that allows unauthenticated attackers to write arbitrary files to the store's
phpgurukul Online Shopping Portal 2.0 is vulnerable to Arbitrary File Upload in /admin/insert-product.php, due to the lack of extension validation.
A flaw has been found in code-projects Computer Laboratory System 1.0. This issue affects some unknown processing of the file admin/admin_pic.php. This manipulation of the argument image causes unrest
An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_music" in Kashipara Music Management System v1.0. This allows attackers to execute arbitrary code via uploading a cr
A vulnerability was found in code-projects E-Commerce Site 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/users_photo.php. The manipulation of the argument
An unrestricted file upload vulnerability exists in Dell (acquired by Quest) KACE K1000 System Management Appliance version 5.0 - 5.3, 5.4 prior to 5.4.76849, and 5.5 prior to 5.5.90547 in the downloa
An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_playlist" in Kashipara Music Management System v1.0. This allows attackers to execute arbitrary code via uploading a
A vulnerability was identified in jackying H-ui.admin up to 3.1. This affects an unknown function in the library /lib/webuploader/0.1.5/server/preview.php. The manipulation leads to unrestricted uploa
The File Manager Pro plugin for WordPress is vulnerable to arbitrary backup file downloads and uploads due to missing file type validation via the 'mk_file_folder_manager_shortcode' ajax action in all
Flatnux 2021-03.25 contains an authenticated file upload vulnerability that allows administrative users to upload arbitrary PHP files through the file manager. Attackers with admin credentials can upl
An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows attackers to execute arbitrary code via uploading a crafted file.
A vulnerability has been found in GreenCMS up to 2.3. This impacts the function pluginAddLocal of the file /index.php?m=admin&c=custom&a=pluginadd. The manipulation leads to unrestricted upload. The a
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file.
The File Manager Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.3.9. This is due to missing or incorrect nonce validation on the 'mk_file_
A vulnerability has been found in kefaming mayi up to 1.3.9 and classified as critical. This vulnerability affects the function Upload of the file app/tools/controller/File.php. The manipulation of th
Arbitrary File Upload in user_payment_update.php in SourceCodester Client Database Management System 1.0 allows unauthenticated users to upload arbitrary files via the uploaded_file_cancelled field. D