Lucene search
K

144 matches found

NVD
NVD
added 6 days ago10 views

CVE-2026-57700

Unrestricted Upload of File with Dangerous Type vulnerability in Daan.Dev OMGF Pro allows Using Malicious Files. This issue affects OMGF Pro: from n/a through 5.2.6...

10CVSS0.00373EPSS
Exploits0References1
NVD
NVD
added 2026/06/12 3:16 p.m.14 views

CVE-2026-6211

Unrestricted upload of file with dangerous type vulnerability in Global IT Informatics Services Inc. WEOLL allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WEOLL: from 2.0.9 before 3.2.45.33...

8.7CVSS0.0021EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.14 views

PT-2026-48884

Name of the Vulnerable Software and Affected Versions WEOLL versions 2.0.9 through 3.2.45.32 Description An unrestricted file upload flaw allows the upload of dangerous file types. This issue enables attackers to access functionality that is not properly constrained by Access Control Lists ACLs,...

8.7CVSS5.2AI score0.0021EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/01 9:4 a.m.10 views

CVE-2026-40548 Unrestricted Upload of File with Dangerous Type in SOPlanning

SOPlanning does not verify uploaded file extension. An authenticated attacker with access to the backup functionality can upload a crafted ZIP archive containing a legitimate user.csv file alongside a malicious file, which is extracted on the server. When combined with CVE-2026-40547 Path...

6.4CVSS5.8AI score0.0031EPSS
Exploits0References2
NVD
NVD
added 2026/05/27 11:16 a.m.16 views

CVE-2026-42748

Unrestricted Upload of File with Dangerous Type vulnerability in WPify WPify Woo Czech wpify-woo allows Upload a Web Shell to a Web Server.This issue affects WPify Woo Czech: from n/a through = 5.4.1...

9.9CVSS0.00266EPSS
Exploits0References1
NVD
NVD
added 2026/05/22 11:16 p.m.13 views

CVE-2026-40412

Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network...

10CVSS0.00534EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/20 6:0 p.m.14 views

EUVD-2026-31149

Unrestricted Upload of File with Dangerous Type vulnerability in WP Swings Gift Cards For WooCommerce Pro allows Using Malicious Files. This issue affects Gift Cards For WooCommerce Pro: from n/a through 4.2.6...

10CVSS5.8AI score0.00282EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.15 views

PT-2026-39282

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.1.124 Description An issue exists in the self-hosted artificial intelligence platform where the application fails to validate or sanitize the filename during file uploads. When attaching files to a prompt via the...

7.3CVSS5.9AI score0.00336EPSS
Exploits1References6
VulnCheck KEV
VulnCheck KEV
added 2026/04/23 12:0 a.m.8 views

VulnCheck KEV: CVE-2024-52490

Unrestricted Upload of File with Dangerous Type vulnerability in pathomation Pathomation pathomation allows Upload a Web Shell to a Web Server.This issue affects Pathomation: from n/a through = 2.5.1...

10CVSS8.8AI score0.00562EPSS
In wildExploits0References3
NVD
NVD
added 2026/04/08 6:16 a.m.5 views

CVE-2026-33273

Unrestricted upload of file with dangerous type issue exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, an arbitrary file may be created by an administrator of the product. As a result, arbitrary code may be executed on the server...

7.2CVSS0.00228EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/27 5:9 p.m.5 views

CVE-2026-4809

plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can submit a file containing executable PHP code while...

10CVSS6.2AI score0.01279EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/26 12:30 p.m.4 views

EUVD-2026-16164

plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can submit a file containing executable PHP code while...

10CVSS6.2AI score0.01279EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/25 4:58 p.m.7 views

EUVD-2026-15541

Kiteworks is a private data network PDN. In Kiteworks Secure Data Forms prior to version 9.2.1, the manager of a form could potentially exploit an Unrestricted Upload of File with Dangerous Type due to a missing validation. Upgrade Kiteworks to version 9.2.1 or later to receive a patch...

5.5CVSS5.8AI score0.00988EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/25 4:14 p.m.2 views

CVE-2026-32482

Unrestricted Upload of File with Dangerous Type vulnerability in deothemes Ona ona allows Upload a Web Shell to a Web Server.This issue affects Ona: from n/a through 1.24...

5.8AI score0.00319EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.8 views

PT-2026-28037

Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic allows Using Malicious Files.This issue affects WPJAM Basic: from n/a through = 6.9.2...

5.8AI score0.00319EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.7 views

PT-2026-26278

🔴 CVE-2026-27067 - Critical Unrestricted Upload of File with Dangerous Type vulnerability in Syarif Mobile App Editor allows Upload a Web Shell to a Web Server.This issue affects Mobile App Editor: from n/a through ... https://t.co/2PmcdZjLPe https://t.co/HOIpzGKqJA...

9.1CVSS5.8AI score0.00275EPSS
Exploits0References6
NVD
NVD
added 2026/03/05 6:16 a.m.13 views

CVE-2026-23802

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine ai-engine allows Using Malicious Files.This issue affects AI Engine: from n/a through = 3.3.2...

9.1CVSS0.00465EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/05 5:53 a.m.5 views

CVE-2026-23802

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine ai-engine allows Using Malicious Files.This issue affects AI Engine: from n/a through = 3.3.2...

5.9AI score0.00465EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.6 views

WordPress plugin AI Engine 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There is a...

9.1CVSS5.9AI score0.00465EPSS
Exploits0References1
OSV
OSV
added 2026/02/24 8:27 p.m.4 views

CVE-2026-22766

Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution...

7.2CVSS5.9AI score0.00698EPSS
Exploits0References1
Rows per page
Query Builder