• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-434

CVE-2020-25790

February 26, 2023 by

** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because “admins are considered trustworthy”; however, the behavior “contradicts our security policy” and is being fixed for 5.2.

CVE-2020-25763

February 26, 2023 by

Seat Reservation System version 1.0 suffers from an Unauthenticated File Upload Vulnerability allowing Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading PHP files.

CVE-2020-25733

February 26, 2023 by

webTareas through 2.1 allows upload of the dangerous .exe and .shtml file types.

CVE-2020-25515

February 26, 2023 by

Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books > New Book , http:///lms/index.php?page=books.

CVE-2020-25537

February 26, 2023 by

File upload vulnerability exists in UCMS 1.5.0, and the attacker can take advantage of this vulnerability to obtain server management permission.

CVE-2020-25483

February 26, 2023 by

An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 45
  • Go to page 46
  • Go to page 47
  • Go to page 48
  • Go to page 49
  • Interim pages omitted …
  • Go to page 224
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE