Lucene search
+L

5486 matches found

Cvelist
Cvelist
added 3 hours ago7 views

CVE-2026-15343 Path traversal vulnerability in GitHub Enterprise Server allowed writing files to arbitrary repository paths, including GitHub Actions workflow files, via unchecked Dependabot dependency-file paths

A path traversal vulnerability was identified in GitHub Enterprise Server that allowed an attacker who had code execution inside the Dependabot updater container to write files to arbitrary repository paths, including GitHub Actions workflow files under .github/workflows/ as the path validation d...

8.6CVSS
Exploits0References5
CVE
CVE
added 3 hours ago8 views

CVE-2026-15343

GitHub Enterprise Server (Dependabot updater container) contains a path traversal vulnerability that lets an attacker with code execution inside that container write to arbitrary repository paths, including .github/workflows/. The flaw arises because path validation did not properly enforce the e...

8.6CVSS6.3AI score
Exploits0References5
Nuclei
Nuclei
added 13 hours ago14 views

esm.sh <= v136 - Arbitrary File Write via Path Traversal

esm.sh = 136 contains a path traversal caused by improper canonicalization of the X-Zone-Id HTTP header, letting attackers write files outside the intended storage directory, exploit requires crafted header input. id: CVE-2025-59342 info: name: esm.sh = v136 - Arbitrary File Write via Path...

6.9CVSS8.2AI score0.02829EPSS
Exploits2References3
Nuclei
Nuclei
added 13 hours ago50 views

Emerson Dixell XWEB-500 - Arbitrary File Write

Emerson Dixell XWEB-500 contains an arbitrary file write caused by unauthenticated access to /cgi-bin/logoextraupload.cgi, /cgi-bin/calsave.cgi, and /cgi-bin/loutils.cgi, letting attackers write any file on the system, exploit requires no authentication. id: CVE-2021-45420 info: name: Emerson...

10CVSS8.6AI score0.1755EPSS
Exploits1References3
Nuclei
Nuclei
added 13 hours ago94 views

Plenti < v0.7.2 - OS Command Injection

Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Remote Code Execution. Version 0.7.2 fixes the...

9.3CVSS7.5AI score0.02763EPSS
Exploits1References2
Cvelist
Cvelist
added 15 hours ago12 views

CVE-2026-15160 Ninja Forms - Excel Export <= 3.3.6 - Missing Authorization to Authenticated (Subscriber+) XLS Write via Path Traversal

The Ninja Forms - Excel Export plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.3.6 via the 'spreadsheetexporttmpname' parameter. This makes it possible for authenticated attackers, with subscriber-level access and above, to write .xls/.xlsx files ...

4.3CVSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 15 hours ago3 views

CVE-2026-15160

The Ninja Forms - Excel Export plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.3.6 via the 'spreadsheetexporttmpname' parameter. This makes it possible for authenticated attackers, with subscriber-level access and above, to write .xls/.xlsx files ...

4.3CVSS6.2AI score
Exploits0References5
CVE
CVE
added 15 hours ago8 views

CVE-2026-15160

Summary of CVE-2026-15160 : The Ninja Forms - Excel Export plugin for WordPress is vulnerable to a directory traversal flaw in all versions up to and including 3.3.6, exploitable via the spreadsheet_export_tmp_name parameter. This vulnerability allows an authenticated user with subscriber-level a...

4.3CVSS6.2AI score
Exploits0References4
EUVD
EUVD
added 15 hours ago4 views

EUVD-2026-45127

The Ninja Forms - Excel Export plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.3.6 via the 'spreadsheetexporttmpname' parameter. This makes it possible for authenticated attackers, with subscriber-level access and above, to write .xls/.xlsx files ...

4.3CVSS6.2AI score
Exploits0References4
CVE
CVE
added yesterday9 views

CVE-2026-53535

Activepieces prior to 0.82.0 is affected by an arbitrary file write in the git-sync workflow. The issue occurs because git-sync clones a configured repository into a temporary server directory with Git’s symbolic-link handling enabled, allowing symlinks to redirect writes. Additionally, on-disk i...

5.9CVSS6.3AI score
Exploits0References4
CVE
CVE
added yesterday7 views

CVE-2026-59866

Kiota (OpenAPI-based HTTP client generator) is affected by CVE-2026-59866 due to unsafe generation of x-ms-kiota-info clientClassName and clientNamespaceName, which can cause arbitrary file writes and code-injection when kiota generate runs without -c/--class-name. The issue allows attacker-contr...

9.3CVSS6.2AI score
Exploits0References4
Cvelist
Cvelist
added yesterday27 views

CVE-2026-59866 Kiota: Arbitrary file write + code-injection via x-ms-kiota-info clientClassName and clientNamespaceName

Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.5, Kiota emitted x-ms-kiota-info clientClassName and clientNamespaceName values without identifier or path sanitization as both generated client class or namespace names and generated output path components when kiota generate ra...

9.3CVSS
Exploits0References4
Nuclei
Nuclei
added yesterday169 views

Camaleon CMS < 2.8.1 Arbitrary File Write to RCE

An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authenticated users to write arbitrary files to any location on the web server Camaleon CMS is running on depending on the permissions of the underlying filesystem. E.g. This can lead to a remote...

9.9CVSS6.5AI score0.35461EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday7 views

Adobe ColdFusion - RDS Arbitrary File Write

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to arbitrary code execution in the context of the current user. The RDS FILEIO WRITE operation allows unauthenticated...

10CVSS7.5AI score0.28583EPSS
Exploits3References2
Nuclei
Nuclei
added yesterday94 views

pfSense - Arbitrary File Write

diagroutes.php in pfSense 2.5.2 allows sed data injection. Authenticated users are intended to be able to view data about the routes set in the firewall. The data is retrieved by executing the netstat utility, and then its output is parsed via the sed utility. Although the common protection...

9CVSS7.1AI score0.87113EPSS
Exploits4References5
Nuclei
Nuclei
added yesterday25 views

GL.iNet <= 4.3.7 - Arbitrary File Write

GL.iNet = 4.3.7 is vulnerable to an arbitrary file write exploit, allowing an attacker to overwrite arbitrary system files. id: CVE-2023-46455 info: name: GL.iNet = 4.3.7 - Arbitrary File Write author: Zierax severity: high description: | GL.iNet = 4.3.7 is vulnerable to an arbitrary file write...

7.5CVSS7AI score0.46966EPSS
Exploits4References2
Nuclei
Nuclei
added yesterday27 views

YouPHPTube Encoder - Arbitrary File Write

Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube.The parameter base64Url in /objects/getImageMP4.php is vulnerable to a command injection attack. id: CVE-2019-5128 info: name: YouPHPTube Encoder - Arbitrary...

10CVSS7AI score0.30174EPSS
Exploits1References1
CVE
CVE
added 2 days ago11 views

CVE-2026-45419

DataEase contains an arbitrary file write vulnerability present before version 2.10.23. The flaw resides in template handling: the TemplateManageService#save, StaticResourceServer#saveFilesToServe methods and the /de2api/templateManage/save endpoint accept attacker-controlled staticResource names...

8.5CVSS6.2AI score0.00313EPSS
Exploits0References3
CVE
CVE
added 2 days ago10 views

CVE-2026-50148

Metabase up to versions 1.60.4 is affected by CVE-2026-50148 due to a Snowflake JDBC driver flaw that allows an attacker who can configure a Snowflake connection to write arbitrary files on the Metabase host, potentially replacing a Metabase database driver file and achieving remote code executio...

10CVSS6.6AI score0.00442EPSS
Exploits0References1
OSV
OSV
added 2 days ago4 views

CVE-2026-43637 Cornac < 2.6.0 Path Traversal via _extract_archive() in download.py

Cornac before 2.6.0 contains a path traversal Tar Slip vulnerability that allows attackers to write arbitrary files outside the intended cache directory by supplying a crafted TAR archive containing ../ sequences, absolute paths, or symlink/hardlink entries to the extractarchive function in...

8.8CVSS6.2AI score0.00425EPSS
Exploits0References7
Rows per page
Query Builder