Lucene search
K

422 matches found

Vulnrichment
Vulnrichment
added 2024/03/20 12:0 a.m.13 views

CVE-2024-28396

An issue in MyPrestaModules ordersexport v.6.0.2 and before allows a remote attacker to execute arbitrary code via the download.php component...

7.9AI score0.00826EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/01/19 3:0 p.m.25 views

CVE-2024-0716 Byzoro Smart S150 Management Platform Backup File download.php information disclosure

A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack...

3.1CVSS5.3AI score0.01208EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/01/19 3:0 p.m.12 views

CVE-2024-0716 Byzoro Smart S150 Management Platform Backup File download.php information disclosure

A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack...

3.1CVSS6.6AI score0.01208EPSS
Exploits1References4
NVD
NVD
added 2024/01/12 7:15 p.m.22 views

CVE-2024-0465

A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the argument downloadfile leads to path traversal: '../filedir'. The exploit has been disclosed to the...

5.3CVSS4.7AI score0.00728EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/01/12 7:0 p.m.1 views

CVE-2024-0465 code-projects Employee Profile Management System download.php path traversal

A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the argument downloadfile leads to path traversal: '../filedir'. The exploit has been disclosed to the...

3.5CVSS4.8AI score0.00728EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/01/12 7:0 p.m.28 views

CVE-2024-0465 code-projects Employee Profile Management System download.php path traversal

A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the argument downloadfile leads to path traversal: '../filedir'. The exploit has been disclosed to the...

3.5CVSS5.8AI score0.00728EPSS
Exploits0References3
NVD
NVD
added 2023/12/29 4:15 a.m.29 views

CVE-2023-7149

A vulnerability was found in code-projects QR Code Generator 1.0. It has been classified as problematic. This affects an unknown part of the file /download.php?file=author.png. The manipulation of the argument file with the input " leads to cross site scripting. It is possible to initiate the...

6.1CVSS0.00514EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/10/10 12:0 a.m.4 views

Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform Operating System Command Injection Vulnerability

Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform is a Multi-Service Secure Gateway Intelligent Management Platform from Beijing Baichuo, China. Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform 20230928 and earlier...

8.8CVSS7.5AI score0.14839EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2023/09/18 12:0 a.m.335 views

KPOT Stealer CMS 2.0 Directory Traversal

==================================================================================================================================== | Title : KPOT Stealer CMS v2.0 Directory Traversal Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0....

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/08/02 12:0 a.m.249 views

ConverTo Video Downloader And Converter 1.4.2 File Download

==================================================================================================================================== | Title : ConverTo Video Downloader & Converter v1.4.2 - Arbitrary File Download Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/25 12:0 a.m.273 views

WordPress KAP Theme 2.0 Directory Traversal

==================================================================================================================================== | Title : Wordpress KAP-theme v2.0 Directory Traversal Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

7.1AI score
Exploits0
NVD
NVD
added 2023/06/12 5:15 p.m.19 views

CVE-2023-30198

Prestashop winbizpayment = 1.0.2 is vulnerable to Incorrect Access Control via modules/winbizpayment/downloads/download.php...

7.5CVSS7.5AI score0.05523EPSS
Exploits3References4
Positive Technologies
Positive Technologies
added 2023/06/12 12:0 a.m.4 views

PT-2023-22580 · Prestashop · Prestashop Winbizpayment

Name of the Vulnerable Software and Affected Versions: Prestashop winbizpayment versions 1.0.2 and earlier Description: The issue is related to Incorrect Access Control. It affects the downloads/download.php file in the modules/winbizpayment directory. Recommendations: For Prestashop winbizpaymen...

7.5CVSS6.8AI score0.05523EPSS
Exploits3References6
NVD
NVD
added 2023/05/30 12:15 p.m.13 views

CVE-2023-30196

Prestashop salesbooster = 1.10.4 is vulnerable to Incorrect Access Control via modules/salesbooster/downloads/download.php...

7.5CVSS7.5AI score0.00497EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/30 12:0 a.m.17 views

CVE-2023-30196

Prestashop salesbooster = 1.10.4 is vulnerable to Incorrect Access Control via modules/salesbooster/downloads/download.php...

7.5CVSS7.7AI score0.00497EPSS
Exploits0References2
NVD
NVD
added 2023/05/19 2:15 p.m.11 views

CVE-2023-30199

Prestashop customexporter = 1.7.20 is vulnerable to Incorrect Access Control via modules/customexporter/downloads/download.php...

7.5CVSS7.5AI score0.00697EPSS
Exploits0References2
Prion
Prion
added 2023/05/19 2:15 p.m.14 views

Improper access control

Prestashop customexporter = 1.7.20 is vulnerable to Incorrect Access Control via modules/customexporter/downloads/download.php...

5CVSS7.5AI score0.00697EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/05/19 12:0 a.m.16 views

CVE-2023-30199

Prestashop customexporter = 1.7.20 is vulnerable to Incorrect Access Control via modules/customexporter/downloads/download.php...

7.5CVSS7.7AI score0.00697EPSS
Exploits0References2
Prion
Prion
added 2022/10/13 11:15 p.m.10 views

Sql injection

OcoMon v4.0 was discovered to contain a SQL injection vulnerability via the cod parameter at download.php...

7.5CVSS9.8AI score0.00752EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/10/13 12:0 a.m.24 views

CVE-2022-41390

OcoMon v4.0 was discovered to contain a SQL injection vulnerability via the cod parameter at download.php...

10AI score0.00752EPSS
Exploits1References1
Rows per page
Query Builder