Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function vulnerability
20 March, 2025
Authenticated (Admin+) PHP Object Injection via form_data Parameter vulnerability
20 March, 2025
Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Deletion via admin_log_page Function vulnerability
20 March, 2025
Authenticated (Administrator+) ServerSide Request Forgery via validate_file Function vulnerability
20 March, 2025
PHP Object Injection vulnerability
14 May, 2024