Tag

Unrestricted-Upload

3 briefs RSS

Metasoft MetaCRM Unrestricted File Upload Vulnerability (CVE-2026-8758)

A vulnerability in Metasoft MetaCRM up to version 6.4.0 Beta06 allows for unrestricted file upload due to manipulation of the 'File' argument in the /common/jsp/upload3.jsp file, potentially leading to arbitrary code execution.

exploited MetaCRM unrestricted-upload rce web-application

2r 1t 1c May 17, 2026

high advisory

Langflow Unrestricted File Upload Vulnerability (CVE-2026-6596)

2 rules 2 TTPs

An unrestricted file upload vulnerability in langflow-ai langflow versions up to 1.1.0 allows remote attackers to execute arbitrary code via the create_upload_file function in the API Endpoint.

CVE-2026-6596 unrestricted-upload langflow

2r 2t Apr 20, 2026

critical advisory

Shandong Hoteam InforCenter PLM Unrestricted Upload Vulnerability (CVE-2026-5261)

2 rules 3 TTPs 1 CVE

CVE-2026-5261 is an unrestricted file upload vulnerability in Shandong Hoteam InforCenter PLM up to version 8.3.8, allowing remote attackers to execute arbitrary code by uploading malicious files via the uploadFileToIIS function.

CVE-2026-5261 unrestricted-upload hoteam-plm

2r 3t 1c Apr 1, 2026