Lucene search
+L

1409 matches found

OSV
OSV
added 2018/05/28 2:29 p.m.5 views

CVE-2018-11514

PHP Scripts Mall Naukri Clone Script through 3.0.3 allows Unrestricted Upload of a File with a Dangerous Type in editresumedet.php, as demonstrated by changing .docx to .php...

8.8CVSS5.8AI score0.01126EPSS
Exploits1References1
Friends Of PHP
Friends Of PHP
added 2018/05/14 10:54 a.m.10 views

SS-2018-014: Dangerous file types in allowed upload

More info at https://www.silverstripe.org/download/security-releases/ss-2018-014/...

7.2AI score
Exploits0Affected Software1
OSV
OSV
added 2018/01/12 2:29 a.m.4 views

CVE-2017-16736

An Unrestricted Upload Of File With Dangerous Type issue was discovered in Advantech WebAccess versions prior to 8.3. WebAccess allows a remote attacker to upload arbitrary files...

7.5CVSS5.9AI score0.01815EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2017/08/25 7:29 p.m.7 views

CVE-2017-9650

An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation ALC ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu,...

7.8CVSS6AI score0.02368EPSS
Exploits6References4
OSV
OSV
added 2017/08/25 7:29 p.m.2 views

CVE-2017-9650

An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation ALC ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu,...

7.8CVSS5.9AI score
Exploits0References3
CVE
CVE
added 2017/08/25 7:0 p.m.94 views

CVE-2017-9650

CVE-2017-9650 affects Automated Logic Corporation (ALC) WebCTRL, i-Vu and SiteScan Web platforms. The vulnerability is an Unrestricted Upload of File with Dangerous Type that could allow an authenticated attacker to upload a malicious file and execute arbitrary code. Affected versions include Web...

7.8CVSS7.5AI score0.02368EPSS
Exploits6References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2017/07/14 12:0 a.m.6 views

The vulnerability of the EMC Avamar backup system allows a perpetrator to execute arbitrary code.

The vulnerability of the EMC Avamar backup system lies in the lack of restrictions on the download of files of a dangerous type. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted file...

7.5CVSS8.2AI score0.03033EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2017/06/25 12:29 p.m.7 views

UBUNTU-CVE-2017-9840

Dolibarr ERP/CRM 5.0.3 and prior allows low-privilege users to upload files of dangerous types, which can result in arbitrary code execution within the context of the vulnerable application...

8.8CVSS7.8AI score0.01456EPSS
Exploits0References3
Prion
Prion
added 2017/05/19 3:29 a.m.17 views

Remote code execution

An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A specially crafted web serv...

7.5CVSS9.6AI score0.02633EPSS
Exploits0References2Affected Software1
hackapp
hackapp
added 2017/01/30 7:57 p.m.18 views

Beepul - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Beepul published at the 'play' market has multiple vulnerabilities...

7.2AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/12/15 6:23 p.m.17 views

Domino Gaple Online - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application Domino Gaple Online published at the 'play' market has multiple vulnerabilities...

0.2AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/07/21 6:51 p.m.19 views

AT&T VoIP - Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application AT&T VoIP published at the 'play' market has multiple vulnerabilities...

7.2AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/03 7:35 a.m.19 views

Order Kanji 2 - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Order Kanji 2 published at the 'play' market has multiple vulnerabilities...

0.5AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/03 7:31 a.m.12 views

LINE POP - Customized SSL, Dangerous filesystem permissions, Exported components with free access vulnerabilities

HackApp vulnerability scanner discovered that application LINE POP published at the 'play' market has multiple vulnerabilities...

0.2AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:7 a.m.9 views

Stickman Ice Hockey - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Stickman Ice Hockey published at the 'play' market has multiple vulnerabilities...

0.7AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:49 a.m.20 views

Spider Solitaire Mobile - BSD license, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Spider Solitaire Mobile published at the 'play' market has multiple vulnerabilities...

0.8AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:43 a.m.8 views

Can You Escape - Holidays - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Can You Escape - Holidays published at the 'play' market has multiple vulnerabilities...

7.2AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:42 a.m.12 views

Rival Knights - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Rival Knights published at the 'play' market has multiple vulnerabilities...

Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:35 a.m.8 views

Minimal Weather Info widget - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Minimal Weather Info widget published at the 'play' market has multiple vulnerabilities...

7.2AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:34 a.m.10 views

Smart Maps Offline - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Smart Maps Offline published at the 'play' market has multiple vulnerabilities...

1AI score
Exploits0References1Affected Software1
Rows per page
Query Builder