Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Cvelist
Cvelistadded 2025/01/08 7:18 a.m.22 views

CVE-2024-11635 WordPress File Upload <= 4.24.12 - Unuathenticated Remote Code Execution

The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.24.12 via the 'wfuABSPATH' cookie parameter. This makes it possible for unauthenticated attackers to execute code on the server...

9.8CVSS0.29181EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2025/01/08 7:18 a.m.14 views

CVE-2024-11635 WordPress File Upload <= 4.24.12 - Unuathenticated Remote Code Execution

The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.24.12 via the 'wfuABSPATH' cookie parameter. This makes it possible for unauthenticated attackers to execute code on the server...

9.8CVSS7.9AI score0.29181EPSS
Exploits1References3
Circl
Circladded 2025/01/07 9:1 p.m.10 views

CVE-2024-11635

creationtimestamp| type| source ---|---|--- 2025-01-07 21:01:36+00:00| seen| https://bsky.app/profile/abrahack.bsky.social/post/3lf6kaflqkk2d 2025-01-08 07:20:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113791523823209673 2025-01-08 07:38:26+00:00| published-proof-of-concept|...

9.8CVSS8.7AI score0.29181EPSS
Exploits1References12
CVE
CVEadded 2021/02/16 7:37 p.m.45 views

CVE-2020-11635

CVE-2020-11635 affects Zscaler Client Connector prior to 3.1.0. The issue is insufficient validation of RPC clients, allowing a local adversary to execute code with system privileges or perform privileged actions. Affected component is the client connector’s RPC handling; impact is described as c...

7.8CVSS7.7AI score0.00116EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2018/07/03 5:29 p.m.8 views

CVE-2018-11635

Use of a Hard-coded Cryptographic Key used to protect cookie session data in /var/www/xms/application/config/config.php in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to bypass authentication...

9.8CVSS9.5AI score0.00789EPSS
Exploits1References1
CVE
CVEadded 2018/07/03 5:0 p.m.45 views

CVE-2018-11635

Dialogic PowerMedia XMS (administration console) is affected by CVE-2018-11635 due to a hard-coded cryptographic key used to protect cookie session data in /var/www/xms/application/config/config.php. This vulnerability enables remote attackers to bypass authentication in PowerMedia XMS versions u...

9.8CVSS9.3AI score0.00789EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2018/02/26 10:29 p.m.7 views

CVE-2017-11635

An issue was discovered on Wireless IP Camera 360 devices. Attackers can read recordings by navigating to /mnt/idea0 or /mnt/idea1 on the SD memory card...

7.5CVSS7.5AI score0.003EPSS
Exploits1References1
CVE
CVEadded 2018/02/26 10:0 p.m.50 views

CVE-2017-11635

CVE-2017-11635 affects Wireless IP Camera 360 devices. The vulnerability enables an attacker to read stored recordings by accessing the SD card via the unsupported paths /mnt/idea0 or /mnt/idea1 . The root cause is disclosed as an information disclosure issue on these devices, leading to partial ...

7.5CVSS7.4AI score0.003EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2018/02/26 10:0 p.m.11 views

CVE-2017-11635

An issue was discovered on Wireless IP Camera 360 devices. Attackers can read recordings by navigating to /mnt/idea0 or /mnt/idea1 on the SD memory card...

7.5AI score0.003EPSS
Exploits1References1
Rows per page
Query Builder