Total
2945 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-7450 | 1 Angeljudesuarez | 1 Placement Management System | 2024-08-09 | 6.0 MEDIUM | 8.8 HIGH |
| A vulnerability has been found in itsourcecode Placement Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /resume_upload.php of the component Image Handler. The manipulation of the argument fileToUpload leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273541 was assigned to this vulnerability. | |||||
| CVE-2024-6315 | 2024-08-06 | N/A | 8.8 HIGH | ||
| The Blox Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handleUploadFile' function in all versions up to, and including, 1.0.65. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible. | |||||
| CVE-2024-7257 | 2024-08-05 | N/A | 9.8 CRITICAL | ||
| The YayExtra – WooCommerce Extra Product Options plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_upload_file function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. | |||||
| CVE-2023-36119 | 1 Online Security Guards Hiring System Project | 1 Online Security Guards Hiring System | 2024-02-05 | N/A | N/A |
| File upload vulnerability in PHPGurukul Online Security Guards Hiring System v.1.0 allows a remote attacker to execute arbitrary code via a crafted php file to the \osghs\admin\images file. | |||||
| CVE-2023-37151 | 1 Online Pizza Ordering System Project | 1 Online Pizza Ordering System | 2024-02-04 | N/A | N/A |
| Sourcecodester Online Pizza Ordering System v1.0 allows the upload of malicious PHP files resulting in Remote Code Execution (RCE). | |||||