Lucene search
K

1395 matches found

CNNVD
CNNVD
added 2026/05/22 12:0 a.m.13 views

Microsoft Azure Orbital Spatio 代码问题漏洞

Microsoft Azure Orbital Spatio is a satellite geospatial data processing and analysis platform developed by Microsoft Corporation. There is a code vulnerability in Microsoft Azure Orbital Spatio, which stems from unlimited upload of dangerous types of files. This vulnerability could allow...

10CVSS6AI score0.00534EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.16 views

PT-2026-42844

Name of the Vulnerable Software and Affected Versions Azure Orbital Spatio affected versions not specified Description Unrestricted upload of files with dangerous types allows an unauthorized attacker to execute code over a network. Recommendations At the moment, there is no information about a...

10CVSS6AI score0.00534EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2026/05/21 2:0 p.m.17 views

Azure Orbital Spatio Remote Code Execution Vulnerability

Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network...

10CVSS6AI score0.00534EPSS
Exploits0
EUVD
EUVD
added 2026/05/21 8:7 a.m.11 views

EUVD-2026-31244

Improper input validation, Unrestricted upload of file with dangerous type vulnerability in Gmission Web Fax allows Remote Code Inclusion. This issue affects Web Fax: from 3.0 before 3.1...

8.6CVSS5.8AI score0.0012EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/21 8:7 a.m.8 views

CVE-2026-9157 Remote Code Execution in Gmission Web FAX

Improper input validation, Unrestricted upload of file with dangerous type vulnerability in Gmission Web Fax allows Remote Code Inclusion. This issue affects Web Fax: from 3.0 before 3.1...

8.6CVSS5.8AI score0.0012EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/21 8:7 a.m.42 views

CVE-2026-9157 Remote Code Execution in Gmission Web FAX

Improper input validation, Unrestricted upload of file with dangerous type vulnerability in Gmission Web Fax allows Remote Code Inclusion. This issue affects Web Fax: from 3.0 before 3.1...

8.6CVSS0.0012EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.15 views

PT-2026-42443

Improper input validation, Unrestricted upload of file with dangerous type vulnerability in Gmission Web Fax allows Remote Code Inclusion. This issue affects Web Fax: from 3.0 before 3.1...

8.6CVSS5.8AI score0.0012EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/20 6:0 p.m.16 views

EUVD-2026-31149

Unrestricted Upload of File with Dangerous Type vulnerability in WP Swings Gift Cards For WooCommerce Pro allows Using Malicious Files. This issue affects Gift Cards For WooCommerce Pro: from n/a through 4.2.6...

10CVSS5.8AI score0.00282EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/20 6:0 p.m.8 views

CVE-2026-45444

Unrestricted Upload of File with Dangerous Type vulnerability in WP Swings Gift Cards For WooCommerce Pro allows Using Malicious Files. This issue affects Gift Cards For WooCommerce Pro: from n/a through 4.2.6...

10CVSS5.8AI score0.00282EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

wordpress plugin Gift Cards For WooCommerce Pro 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

10CVSS5.9AI score0.00282EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.13 views

PT-2026-42226

Name of the Vulnerable Software and Affected Versions Gift Cards For WooCommerce Pro versions prior to 4.2.7 Description An unrestricted file upload issue allows the use of malicious files with dangerous types. This flaw has been confirmed to be exploited in the wild. Recommendations Update to a...

10CVSS5.7AI score0.00282EPSS
Exploits0References4
OSV
OSV
added 2026/05/19 4:31 p.m.7 views

GHSA-82RC-GXRG-V4GF Budibase: Unrestricted Upload of File with Dangerous Type

Summary The file upload endpoint POST /api/attachments/process does not enforce active-content restrictions for authenticated users. The checks for dangerous file extensions html, svg, js, php, etc. are conditionally wrapped inside if isPublicUser or if isPublicUser || !env.SELFHOSTED, meaning an...

7.6CVSS5.8AI score0.00175EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/05/19 4:31 p.m.10 views

NPM: Budibase: Unrestricted Upload of File with Dangerous Type

NPM: Budibase: Unrestricted Upload of File with Dangerous Type vulnerability discovered by ? in WordPress Npm budibase versions 3.38.2...

7.6CVSS5.8AI score0.00175EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.17 views

PT-2026-42050

Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.38.2 Description The file upload endpoint "/api/attachments/process" does not enforce active-content restrictions for authenticated users. The system fails to properly check for dangerous file extensions when the...

7.6CVSS5.8AI score0.00175EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.10 views

WordPress plugin WP Super Edit 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.8CVSS5.9AI score0.00576EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.13 views

PT-2026-41344

Name of the Vulnerable Software and Affected Versions WP Super Edit versions 2.5.4 and earlier Description The FCKeditor component contains an unrestricted file upload flaw. Attackers can upload arbitrary and dangerous file types without validation through the 'filemanager upload' endpoint, which...

9.8CVSS6.5AI score0.00576EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2026/05/12 4:49 p.m.99 views

Exploit for Unrestricted Upload of File with Dangerous Type in Chamilo Chamilo_Lms

ChamiloLMS CVE-2023-4220 Exploit Python exploit for CVE-202...

8.1CVSS6AI score0.76084EPSS
Exploits27
GithubExploit
GithubExploit
added 2026/05/10 12:7 p.m.111 views

Exploit for Unrestricted Upload of File with Dangerous Type in Filemanagerpro File_Manager

wp-file-manager-exploit-CVE-2020-25213-with-Zerologon Project...

10CVSS6AI score0.97328EPSS
Exploits14
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.17 views

PT-2026-39282

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.1.124 Description An issue exists in the self-hosted artificial intelligence platform where the application fails to validate or sanitize the filename during file uploads. When attaching files to a prompt via the...

7.3CVSS5.9AI score0.00336EPSS
Exploits1References6
VulnCheck KEV
VulnCheck KEV
added 2026/05/04 12:0 a.m.12 views

VulnCheck KEV: CVE-2024-31286

Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a before 8.6.03.005...

9.9CVSS7.3AI score0.00862EPSS
In wildExploits0References2
Rows per page
Query Builder