Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/11/20 9:37 p.m.12 views

CVE-2025-12057

The WavePlayer WordPress plugin before 3.8.0 does not have authorization in an AJAX action as well as does not validate the file to be copied locally, allowing unauthenticated users to upload arbitrary file on the server and lead to RCE...

9.8CVSS7.1AI score0.0041EPSS
Exploits1References1
OSV
OSV
added 2023/07/21 12:15 a.m.4 views

CVE-2023-3802

A vulnerability was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Controller/Ajaxfileupload.ashx. The manipulation of the argument file leads to unrestricted upload. The...

9.8CVSS4.8AI score0.00832EPSS
Exploits1References3
0day.today
0day.today
added 2019/05/10 12:0 a.m.46 views

dotCMS 5.1.1 - HTML Injection Vulnerability

Exploit for jsp platform in category web applications Exploit Title: dotCMS 5.1.1 - HTML Injection Exploit Author: Ismail Tasdelen Vendor Homepage: https://dotcms.com/ Software Link: https://github.com/dotCMS Software: dotCMS Product Version: 5.1.1 Vulernability Type: Code Injection Vulenrability...

6.6AI score0.00998EPSS
Exploits5
OSV
OSV
added 2017/07/20 12:29 a.m.15 views

CVE-2017-11466

Arbitrary file upload vulnerability in com/dotmarketing/servlets/AjaxFileUploadServlet.class in dotCMS 4.1.1 allows remote authenticated administrators to upload .jsp files to arbitrary locations via directory traversal sequences in the fieldName parameter to servlets/ajaxfileupload. This results...

7.2CVSS7.7AI score
Exploits0References3
CNVD
CNVD
added 2017/07/20 12:0 a.m.5 views

dotCMS Arbitrary File Upload Vulnerability Vulnerability

dotCMS is a content management system CMS from the United States dotCMS. The system supports RSS feeds , blogs , forums and other modules , and is easy to extend and build features . An arbitrary file upload vulnerability exists in the com/dotmarketing/servlets/AjaxFileUploadServlet.class file in...

9CVSS6.9AI score0.07695EPSS
Exploits1References1
Rows per page
Query Builder