Malicious File Upload
Malicious file upload attacks exploit insufficient validation when web applications accept user-provided files.
How It Works
Malicious file upload attacks exploit insufficient validation when web applications accept user-provided files. The attacker uploads a file containing executable code—commonly a web shell written in PHP, JSP, or ASPX—disguised to bypass basic security checks. Once uploaded to a web-accessible directory, the attacker navigates to the file's URL, triggering server-side execution and gaining remote command execution capabilities.
Attackers employ various bypass techniques to defeat weak filters. Content-Type spoofing involves manipulating HTTP headers to claim a malicious PHP file is an image. Double extensions like shell.php.jpg exploit flawed parsers that only check the final extension. Null byte injection (shell.php%00.jpg) can truncate filenames in vulnerable code. Case manipulation (.pHp, .AsP) defeats case-sensitive blacklists. Advanced attacks upload .htaccess or web.config files to reconfigure the server, enabling script execution in directories where it was previously disabled.
The typical attack flow begins with reconnaissance to locate upload functionality, followed by testing various evasion techniques until a payload successfully uploads. The attacker then accesses the uploaded web shell through a browser, passing commands via URL parameters. This establishes an interactive backdoor for further exploitation, lateral movement, and data theft.
Impact
- Remote code execution: Full command-line access to the web server with the application's privileges
- Web shell persistence: Durable backdoor survives application restarts, enabling long-term access
- Data exfiltration: Direct file system access allows theft of databases, credentials, source code, and sensitive documents
- Server compromise: Ability to install additional malware, create privileged accounts, and pivot to internal networks
- Website defacement: Modification of public-facing content to damage reputation or spread misinformation
Real-World Examples
Cisco Wireless LAN Controller (CVE-2025-20188) combined a hardcoded JWT credential with unrestricted file upload, allowing unauthenticated attackers to deploy web shells and achieve complete controller compromise. The dual vulnerability eliminated authentication barriers entirely.
WordPress plugin vulnerabilities frequently expose this attack surface. Numerous plugins have allowed arbitrary file uploads through image galleries or media managers, where attackers upload PHP shells disguised as images, then execute them to take over hosting environments.
Enterprise content management systems have suffered similar flaws where document upload features failed to validate file types properly, allowing attackers to upload executable scripts that provided administrative access to corporate intranets and sensitive business data.
Mitigation
- Whitelist permitted extensions and validate against both filename and actual file content (magic bytes/file signatures)
- Store uploads outside the webroot entirely, serving them through a handler script that prevents execution
- Disable script execution in upload directories via web server configuration (remove execute permissions)
- Rename uploaded files to random identifiers, breaking the attacker's ability to predict URLs
- Implement content scanning with antivirus/malware detection before storing files
- Enforce authentication and authorization on all upload endpoints with proper session management
- Validate file size limits to prevent resource exhaustion alongside malicious uploads
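The validator below is an added example (not code from the original page or any project it lists) that applies the mitigations above to the bypass tricks described under How It Works: it allow-lists extensions, checks magic bytes instead of trusting Content-Type, refuses double extensions, null bytes, dotfiles and case variants, stores under a random name, and writes outside the web root with no execute bit. UPLOAD_ROOT and the sample inputs are assumptions constructed for the example.

```python
"""Upload validator for an application that accepts image uploads.

Added example: the decision rests on the filename shape and the file bytes only.
The client's Content-Type header is deliberately ignored because it is attacker
controlled (Content-Type spoofing in the text above).
"""
import os
import re
import secrets
from dataclasses import dataclass
from typing import Optional

# Assumed storage root: a directory the web server never serves directly and
# where script execution is never enabled. Not a real path from any project.
UPLOAD_ROOT = "/var/app-data/uploads"
MAX_BYTES = 5 * 1024 * 1024  # 5 MiB cap against resource exhaustion

# Allowed extensions mapped to the signature(s) the content must begin with.
SIGNATURES = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
}

# Exactly one dot, non-empty stem, non-empty extension, no separators:
# rejects "shell.php.jpg" (two dots), ".htaccess" (empty stem) and odd chars.
SAFE_NAME = re.compile(r"^[A-Za-z0-9_-]{1,64}\.[A-Za-z0-9]{1,8}$")


@dataclass
class Decision:
    accepted: bool
    reason: str
    stored_path: Optional[str] = None


def validate_upload(filename: str, content: bytes) -> Decision:
    """Return whether the upload may be stored and, if so, where."""
    if len(content) == 0 or len(content) > MAX_BYTES:
        return Decision(False, "size out of bounds")
    # A null byte truncates names in C-based code paths (shell.php%00.jpg);
    # refuse it instead of guessing which half a backend would keep.
    if "\x00" in filename:
        return Decision(False, "null byte in filename")
    # Drop any directory component the client sent (../ or Windows style).
    base = os.path.basename(filename.replace("\\", "/"))
    if not SAFE_NAME.fullmatch(base):
        return Decision(False, "filename shape rejected")
    # Lower-case before the allow-list lookup so ".pHp" and ".PNG" behave alike.
    ext = base.rsplit(".", 1)[1].lower()
    if ext not in SIGNATURES:
        return Decision(False, f"extension .{ext} not in allow-list")
    # Magic-byte check: the bytes must match the extension we will store.
    if not any(content.startswith(sig) for sig in SIGNATURES[ext]):
        return Decision(False, f"content does not match a {ext} signature")
    # Random storage name: the original name never touches the filesystem and
    # the URL of the stored object cannot be predicted by the uploader.
    stored = f"{secrets.token_hex(16)}.{ext}"
    return Decision(True, "ok", os.path.join(UPLOAD_ROOT, stored))


def store_upload(filename: str, content: bytes, root: str = UPLOAD_ROOT) -> Decision:
    """Validate, then write outside the web root with no execute permission."""
    decision = validate_upload(filename, content)
    if decision.accepted:
        os.makedirs(root, mode=0o750, exist_ok=True)
        path = os.path.join(root, os.path.basename(decision.stored_path))
        # O_EXCL refuses to overwrite an existing file; 0o640 denies execute.
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o640)
        with os.fdopen(fd, "wb") as fh:
            fh.write(content)
        decision.stored_path = path
    return decision


if __name__ == "__main__":
    # Constructed samples for the demo, not captured from any real upload.
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 32
    samples = [
        ("avatar.png", png),
        ("shell.php", b"<?php echo 'not an image'; ?>"),
        ("shell.php.jpg", b"\xff\xd8\xff" + b"\x00" * 16),
        ("shell.php\x00.jpg", b"\xff\xd8\xff" + b"\x00" * 16),
        ("shell.pHp", png),
        (".htaccess", b"php_flag engine on"),
        ("pic.jpg", b"<?php echo 'wrong magic'; ?>"),
    ]
    for name, data in samples:
        d = validate_upload(name, data)
        print(f"{name!r:24} accepted={d.accepted} reason={d.reason}")
```

A valid JPEG with script appended still passes the magic-byte check, which is why the random name, out-of-webroot storage and no-execute permission are layered on top rather than relied on alone.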
Recent CVEs (1156)
Remote code execution in BROWAN COMMUNICATIONS PrismX MX100 AP controller allows high-privileged remote attackers to upload arbitrary files and execute web shell backdoors without user interaction. This vulnerability affects administrators with elevated credentials and enables complete compromise of the affected access point. No patch is currently available to remediate this issue.
HCL AION is affected by an Unrestricted File Upload vulnerability. This can allow malicious file uploads, potentially resulting in unauthorized code execution or system compromise. [CVSS 3.1 LOW]
Aion versions up to 2.0 contain a vulnerability that allows attackers to perform malicious file uploads, potentially resulting in unauthorized code execution or (CVSS 2.7).
Mpay versions up to 1.2.4 contain an unrestricted file upload vulnerability in the QR Code Image Handler component via the codeimg parameter, allowing remote attackers with high privileges to upload arbitrary files. Public exploit code exists for this vulnerability, though no patch is currently available. The attack requires administrative credentials but carries moderate risk with potential impacts to confidentiality, integrity, and availability.
Unrestricted file upload in lwj flow's SVG File Handler (FormResource.java) allows authenticated remote attackers to upload arbitrary files due to insufficient input validation on the File parameter. Public exploit code exists for this vulnerability, and the maintainers have not yet released a patch despite early notification. Affected installations using Java should restrict file upload functionality until an update is available.
Unrestricted file upload in EyouCMS versions up to 1.7.1/5.0 allows authenticated remote attackers to upload arbitrary files through manipulation of the viewfile parameter in the Member Avatar Handler component. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification. An authenticated attacker could leverage this to upload malicious files and potentially achieve remote code execution.
Unrestricted file upload in Teamwork Management System (TMS) versions up to 2.28.0 allows authenticated attackers to upload malicious files by manipulating the filename parameter in the FileController. Public exploit code exists for this vulnerability, and no patch is currently available, creating significant risk for organizations using affected versions.
Omnispace Agora Project (before 25.10) allows RCE through crafted PDF upload that exploits the ImageMagick MSL engine via the thumbnail function.
Agora-Project versions up to 25.10 are affected by unrestricted upload of file with dangerous type (CVSS 8.8).
Arbitrary file upload vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. [CVSS 7.2 HIGH]
Pega Customer Service Framework versions 8.7.0 up to 25.1.0 are affected by unrestricted upload of file with dangerous type.
Hub v2.0 property management system allows unauthenticated arbitrary file upload via /utils/uploadFile. Malicious PDF files can be uploaded and may achieve code execution.
Director versions up to 25.2.0 are affected by unrestricted upload of file with dangerous type (CVSS 8.8).
Operation And Maintenance Security Management System versions up to 3.0.8 are affected by improper access control (CVSS 7.3).
A vulnerability was found in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/editsite.php. [CVSS 4.7 MEDIUM]
Corpkit WordPress theme (through 2.0) allows unauthenticated web shell upload via unrestricted file type upload.
Contentstudio WordPress plugin (through 1.3.7) allows unauthenticated web shell upload, enabling immediate server compromise.
A file upload vulnerability in ARIS 10.0.23.0.3587512 allows attackers to execute arbitrary code via uploading a crafted PDF file/malware. [CVSS 6.8 MEDIUM]
In Aris v10.0.23.0.3587512 and before, the file upload functionality does not enforce any rate limiting or throttling, allowing users to upload files at an unrestricted rate. [CVSS 6.5 MEDIUM]
House Rental And Property Listing Project versions up to 1.0 are affected by improper access control (CVSS 7.3).
Multiple Themify WordPress themes (Sidepane, Newsy, Folo, Edmin, Bloggie, Photobox, Wigi, Rezo, Slide) allow authenticated users to upload web shells. Low privileges sufficient, scope change to OS-level code execution. Affects 9 themes simultaneously.
Media File Renamer WordPress plugin (through 5.7.7) by Meow Apps allows administrators to upload files with dangerous types, achieving OS-level code execution with scope change. While admin access is required, the scope break makes this critical.
Themify Shopo WordPress theme (through 1.1.4) allows authenticated users to upload web shells. Despite requiring low-level authentication, the scope change to CVSS 9.9 means any subscriber account can achieve full server compromise.
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server. [CVSS 8.8 HIGH]
Online Product Reservation System versions up to 1.0 are affected by improper access control (CVSS 6.3).
Unrestricted file upload in code-projects CMS 1.0 via the image parameter in /admin/edit_posts.php allows authenticated administrators to upload arbitrary files remotely. Public exploit code exists for this vulnerability, though a patch is not yet available. The issue affects PHP-based installations and requires high-level privileges to exploit.
Unrestricted file upload in PHPGurukul Online Course Registration versions up to 3.1 allows authenticated attackers to upload arbitrary files through the student profile photo parameter in /admin/edit-student-profile.php. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with login credentials can exploit this remotely to potentially execute malicious code or compromise the application.
A vulnerability was identified in jackying H-ui.admin; versions up to 3.1 are affected by improper access control (CVSS 7.3).
A vulnerability has been found in EmpireSoft EmpireCMS up to 8.0. Impacted is the function CheckSaveTranFiletype of the file e/class/connect.php. [CVSS 6.3 MEDIUM]
A vulnerability has been found in xnx3 wangmarket up to 6.4. The impacted element is the function uploadImage of the file /sits/uploadImage.do of the component XML File Handler. [CVSS 4.7 MEDIUM]
A security vulnerability has been detected in campcodes School File Management System 1.0. The affected element is an unknown function of the file /save_file.php. [CVSS 6.3 MEDIUM]
A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product Information Edit Page. This manipulation of the argument File causes unrestricted upload. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
A security flaw has been discovered in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/edit.php of the component Site Logo Handler. Performing a manipulation of the argument image results in unrestricted upload. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.
Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows uploading a web shell to a web server. This issue affects MapSVG: from n/a through <= 8.7.3.
A security vulnerability has been detected in code-projects College Notes Uploading System 1.0. Impacted is an unknown function of the file /dashboard/userprofile.php. The manipulation of the argument image leads to unrestricted upload. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
A security flaw has been discovered in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This vulnerability affects unknown code of the file /admin/editposts.php. Performing manipulation of the argument image results in unrestricted upload. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.
A flaw has been found in ChenJinchuang Lin-CMS-TP5 up to 0.3.3. This vulnerability affects the function Upload of the file application/lib/file/LocalUploader.php of the component File Upload Handler. Executing manipulation of the argument File can lead to code injection. The attack can be executed remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Unrestricted file upload in jackq XCMS allows high-privilege authenticated users to upload arbitrary files via the ProductImageController component, with publicly available exploit code disclosed. Despite a CVSS score of 2.0 reflecting the high authentication requirement (PR:H), the vulnerability enables authenticated administrators to bypass intended upload restrictions and potentially achieve remote code execution by uploading malicious files. The vendor has been informed via public issue report but has not yet responded with a fix.
A flaw has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. This impacts an unknown function of the file Public/javascripts/admin/plupload-2.1.2/examples/upload.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit has been published and may be used. This product uses a rolling release to provide continuous delivery; therefore, no version details for affected or updated releases are available. The project was informed of the problem early through an issue report but has not responded yet.
Unauthenticated file upload vulnerability in code-projects Student File Management System 1.0 allows authenticated remote attackers to bypass file upload restrictions via manipulation of the File parameter in /save_file.php, despite the CVSS v4.0 score of 2.1 reflecting only low confidentiality, integrity, and availability impact with no scope change. The exploit is publicly available and the low EPSS score (0.09%, 25th percentile) suggests limited real-world exploitation attempts despite public disclosure.
ChestnutCMS up to version 1.5.8 allows authenticated remote attackers to upload arbitrary files by manipulating the File argument in the FilenameUtils.getExtension function of the /dev-api/common/upload endpoint. The vulnerability bypasses filename extension validation in the Filename Handler component, enabling unrestricted file uploads with low integrity and confidentiality impact. Publicly available exploit code exists; however, the low EPSS score (0.06%) and requirement for prior authentication significantly limit real-world exploitation risk compared to the CVSS base score.
Unauthenticated arbitrary file upload vulnerability in File Uploader for WooCommerce (WordPress plugin versions ≤1.0.3) enables remote code execution. Missing file type validation in the 'add-image-data' REST API endpoint allows attackers to upload malicious files to Uploadcare service and retrieve them to the web server, achieving code execution without authentication. Exploitation requires no user interaction or special privileges (CVSS:3.1 AV:N/AC:L/PR:N/UI:N). No public exploit identified at time of analysis.
Unrestricted file upload in SourceCodester Client Database Management System 1.0 via the /user_leads.php endpoint in the Leads Generation Module allows authenticated remote attackers to upload arbitrary files. The vulnerability requires valid user credentials (PR:L in CVSS v4.0) but carries low confidentiality, integrity, and availability impact per the vector. Public exploit code exists, and EPSS score of 0.06% suggests minimal real-world exploitation despite public availability, likely due to the authenticated requirement limiting attack surface.
Unrestricted Upload of File with Dangerous Type vulnerability in Cozmoslabs WP Webhooks wp-webhooks allows Path Traversal. This issue affects WP Webhooks: from n/a through <= 3.3.8.
Unrestricted Upload of File with Dangerous Type vulnerability in RedefiningTheWeb WordPress Contact Form 7 PDF, Google Sheet & Database rtwwcfp-wordpress-contact-form-7-pdf allows Using Malicious Files. This issue affects WordPress Contact Form 7 PDF, Google Sheet & Database: from n/a through <= 3.0.0.
Unrestricted file upload in Computer Laboratory System 1.0 via the technical_staff_pic.php file allows high-privilege users to upload arbitrary files to the server. The vulnerability requires administrator-level access (PR:H) and affects confidentiality, integrity, and availability with low impact scope. Publicly available exploit code exists; however, the EPSS score of 0.07% (21st percentile) and high-privilege requirement significantly limit real-world exploitation risk compared to the CVSS 2.0 baseline.
Unrestricted file upload in Computer Laboratory System 1.0 via the admin_pic.php image parameter allows high-privilege authenticated users to upload arbitrary files remotely, with publicly available proof-of-concept code demonstrating exploitation. Despite the CVSS 2.0 score reflecting the high authentication barrier (PR:H), the vulnerability enables attackers with admin credentials to bypass upload restrictions and potentially establish persistence or execute malicious code on the server.
A flaw has been found in campcodes Online Student Enrollment System 1.0. This impacts an unknown function of the file /admin/register.php. Executing a manipulation of the argument photo can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published and may be used.
Unrestricted file upload in campcodes Online Student Enrollment System 1.0 allows high-privileged authenticated users to upload arbitrary files via the userphoto parameter in /admin/index.php?page=user-profile, potentially enabling remote code execution or data exfiltration. Public exploit code is available, though the vulnerability's real-world impact is limited by the requirement for administrative credentials and low CVSS/EPSS scores.
Authenticated arbitrary file upload in Infility Global WordPress plugin versions ≤2.14.42 permits remote code execution. The upload_file function accepts spoofed MIME types without verifying file extensions, while import_data lacks capability checks, allowing subscriber-level users to upload malicious files (e.g., PHP webshells) to the server. CVSS:3.1 score 8.8 (High) reflects network-accessible, low-complexity exploitation requiring only low-privilege authentication. No public exploit identified at time of analysis. EPSS 0.35% indicates low observed exploitation activity.
Unrestricted file upload in SourceCodester Real Estate Property Listing App 1.0 allows high-privileged authenticated users to upload arbitrary files via the image parameter in /admin/property.php, potentially leading to remote code execution. The vulnerability affects only administrators or high-privilege accounts due to PR:H requirements, but public exploit code exists and EPSS scoring indicates low real-world exploitation probability (0.07th percentile).
Unrestricted file upload in baowzh hfly allows authenticated remote attackers to upload arbitrary files via manipulation of the imgFile parameter in /Public/Kindeditor/php/upload_json.php. The vulnerability affects rolling-release versions up to commit 638ff9abe9078bc977c132b37acbe1900b63491c, carries low overall risk (CVSS 2.1, EPSS 0.07%), and has publicly available exploit code but requires authenticated access, significantly limiting real-world exploitability compared to unauthenticated file upload scenarios.
A critical authentication bypass and path traversal vulnerability in PipesHub AI platform allows unauthenticated remote attackers to upload files with directory traversal sequences, enabling arbitrary file writes anywhere the service account has permissions. This vulnerability affects PipesHub versions prior to 0.1.0-beta and has a publicly available proof-of-concept exploit, making it an immediate priority for organizations using this enterprise search and workflow automation platform. With a CVSS score of 9.8 and the ability to plant malicious code or overwrite critical files, this represents a severe risk to affected systems.
A vulnerability was found in Yottamaster DM2, DM3 and DM200 up to 1.2.23/1.9.12. Affected by this issue is some unknown functionality of the component File Upload. Performing manipulation results in path traversal. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
A security vulnerability has been detected in ORICO CD3510 1.9.12. This affects an unknown function of the component File Upload. The manipulation leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A weakness has been identified in Campcodes Retro Basketball Shoes Online Store 1.0. The impacted element is an unknown function of the file /admin/admin_running.php. Executing a manipulation of the argument product_image can lead to unrestricted upload. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
A flaw has been found in Verysync 微力同步 up to 2.21.3. This impacts an unknown function of the file /rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false of the component Web Administration Module. Executing manipulation can lead to unrestricted upload. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/add_file_query.php. The manipulation of the argument per_file results in unrestricted upload. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.
The Starter Templates plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 4.4.41. This is due to insufficient file type validation detecting WXR files, allowing double extension files to bypass sanitization while being accepted as a valid WXR file. This makes it possible for authenticated attackers, with author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the resolve_import_directory() function in versions 4.5.4 to 4.5.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the update_qr_code() function in all versions up to, and including, 1.2.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Flexsense DiskBoss 7.7.14 allows unauthenticated attackers to upload arbitrary files via /Command/Search Files/Directory field, leading to a denial of service by crashing the application.
zdh_web is a data collection, processing, monitoring, scheduling, and management platform. In zdh_web thru 5.6.17, insufficient validation of file upload paths in the application allows an authenticated user to write arbitrary files to the server file system, potentially overwriting existing files and leading to privilege escalation or remote code execution.
File upload vulnerability in Fanvil x210 V2 2.12.20 allows unauthenticated attackers on the local network to store arbitrary files on the filesystem.
The ContentStudio plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the cstu_update_post() function in all versions up to, and including, 1.3.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
The Omnipress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
The Auto Thumbnailer plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadThumb() function in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
The Featured Image via URL plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation function in all versions up to, and including, 0.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
The Demo Importer Plus plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 2.0.6. This is due to insufficient file type validation detecting WXR files, allowing double extension files to bypass sanitization while being accepted as a valid WXR file. This makes it possible for authenticated attackers, with author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
The PostGallery plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'PostGalleryUploader' class functions in all versions up to, and including, 1.12.5. This makes it possible for authenticated attackers, with subscriber-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.
The E-POINT CMS eagle.gsam-1169.1 file upload feature improperly handles nested archive files. An attacker can upload a nested ZIP (a ZIP containing another ZIP) where the inner archive contains an executable file (e.g. webshell.php). When the application extracts the uploaded archives, the executable may be extracted into a web-accessible directory. This can lead to remote code execution (RCE), data disclosure, account compromise, or further system compromise depending on the web server/process privileges. The issue arises from insufficient validation of archive contents and inadequate restrictions on extraction targets.
An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.
RomM (ROM Manager) allows users to scan, enrich, browse and play their game collections with a clean and responsive interface. RomM contains multiple unrestricted file upload vulnerabilities that allow authenticated users to upload malicious SVG or HTML files. When these files are accessed, the browser executes embedded JavaScript, leading to stored Cross-Site Scripting (XSS); combined with a CSRF misconfiguration, this can lead to full administrative account takeover, creation of a rogue admin account, escalation of the attacker's account role to admin, and much more. This vulnerability is fixed in 4.4.1 and 4.4.1-beta.2.
A vulnerability was identified in ProudMuBai GoFilm 1.0.0/1.0.1. Impacted is the function SingleUpload of the file /server/controller/FileController.go. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajax_unzip_file' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files via a race condition on the affected site's server, which may make remote code execution possible.
FeehiCMS version 2.1.1 has a Remote Code Execution via Unrestricted File Upload in Ad Management. FeehiCMS version 2.1.1 allows authenticated remote attackers to upload files that the server later executes (or stores in an executable location) without sufficient validation, sanitization, or execution restrictions. An authenticated remote attacker can upload a crafted PHP file and cause the application or web server to execute it, resulting in remote code execution (RCE).
EverShop 2.0.1 allows a remote unauthenticated attacker to upload arbitrary files and create directories via the /api/images endpoint. The endpoint is accessible without authentication by default, and server-side validation of uploaded files is insufficient. This can be abused to upload arbitrary content (including non-image files) which could impersonate user/admin login panels (exfiltrating credentials) and to perform a denial-of-service attack by exhausting disk space.
Summary: Arbitrary files can be uploaded via the GrapesJS Builder, as the types of files that can be uploaded are not restricted. Impact: If the media folder is not restricted from running files, this can lead to remote code execution.
The SureMail - SMTP and Email Logs Plugin for WordPress is vulnerable to Unrestricted Upload of File with Dangerous Type in versions up to and including 1.9.0. This is due to the plugin's save_file() function in inc/emails/handler/uploads.php which duplicates all email attachments to a web-accessible directory (wp-content/uploads/suremails/attachments/) without validating file extensions or content types. Files are saved with predictable names derived from MD5 hashes of their content. While the plugin attempts to protect this directory with an Apache .htaccess file to disable PHP execution, this protection is ineffective on nginx, IIS, and Lighttpd servers, or on misconfigured Apache installations. This makes it possible for unauthenticated attackers to achieve Remote Code Execution by uploading malicious PHP files through any public form that emails attachments, calculating the predictable filename, and directly accessing the file to execute arbitrary code granted they are exploiting a site running on an affected web server configuration.
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 2.2.3, a stored cross-site scripting (XSS) vulnerability exists in the Filerise application due to improper handling of uploaded SVG files. The application accepts user-supplied SVG uploads without sanitizing or restricting embedded script content. When a malicious SVG containing inline JavaScript or event-based payloads is uploaded, it is later rendered directly in the browser whenever viewed within the application. Because SVGs are XML-based and allow scripting, they execute in the origin context of the application, enabling full stored XSS. This vulnerability is fixed in 2.2.3.
A weakness has been identified in moxi159753 Mogu Blog v2 up to 5.2. The affected element is an unknown function of the file /file/pictures. This manipulation of the argument filedatas causes unrestricted upload. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
File upload vulnerability in HCL Technologies Ltd. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0 due to insufficient input. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The Blubrry PowerPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 11.15.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Cross-site scripting (XSS) in Drupal 7.x Webform Multiple File Upload module versions 7.x-1.2 through 7.x-1.6 enables unauthenticated attackers to execute arbitrary JavaScript in victims' browsers by uploading files with malicious filenames to Webform nodes where file type validation is disabled. The vulnerability originates in the third-party fyneworks/multifile library's file name renderer. With EPSS at 0.07% (21st percentile) and no public exploit identified at time of analysis, exploitation probability remains low despite the CVSS 7.0 score.
Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S.p.A. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Unauthenticated Arbitrary File Upload (patch_contents.php) in DB Electronica Telecomunicazioni S.p.A. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Unauthenticated Arbitrary File Upload (upgrade_contents.php) in DB Electronica Telecomunicazioni S.p.A. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Unauthenticated Arbitrary File Upload (status_contents.php) in DB Electronica Telecomunicazioni S.p.A. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The AI Feeds plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check in the 'actualizador_git.php' file in all versions up to, and including, 1.0.11. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Quick Facts
- Typical Severity: HIGH
- Category: web
- Total CVEs: 1156