CWE-434

A vulnerability, which was classified as critical, was found in SourceCodester Event Registration System 1.0. Affected is an unknown function. The manipulation of the argument cmd leads to unrestricted upload. It is possible to launch the attack remotely. VDB-214590 is the identifier assigned to this vulnerability.

Emlog Pro 1.6.0 plugins upload suffers from a remote code execution (RCE) vulnerability.

In Simple Exam Reviewer Management System v1.0 the User List function suffers from insecure file upload.

Simple Exam Reviewer Management System v1.0 is vulnerable to Insecure file upload.

Wedding Planner v1.0 is vulnerable to Arbitrary code execution via package_edit.php.

An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of 74cmsSE v3.13.0 allows attackers to execute arbitrary code via a crafted PHP file.