1026 matches found

OSV
added 2026/02/09 10:15 a.m., 0 views

CVE-2026-2226

A vulnerability has been found in DouPHP up to 1.9. This issue affects some unknown processing of the file /admin/file.php of the component ZIP File Handler. Such manipulation of the argument sqlfilename leads to unrestricted upload. The attack can be launched remotely. The exploit has been...

7.2 CVSS, 5.4 AI score
Exploits 0, References 4

ATTACKERKB
added 2026/02/09 9:32 a.m., 4 views

CVE-2026-2226

A vulnerability has been found in DouPHP up to 1.9. This issue affects some unknown processing of the file /admin/file.php of the component ZIP File Handler. Such manipulation of the argument sqlfilename leads to unrestricted upload. The attack can be launched remotely. The exploit has been...

5.8 CVSS, 5.2 AI score, 0.00021 EPSS
Exploits 1, References 4

Cvelist
added 2026/02/09 9:32 a.m., 25 views

CVE-2026-2226 DouPHP ZIP File file.php unrestricted upload

A vulnerability has been found in DouPHP up to 1.9. This issue affects some unknown processing of the file /admin/file.php of the component ZIP File Handler. Such manipulation of the argument sqlfilename leads to unrestricted upload. The attack can be launched remotely. The exploit has been...

5.8 CVSS, 0.00021 EPSS
Exploits 1, References 4

Vulnrichment
added 2026/02/09 9:32 a.m., 3 views

CVE-2026-2226 DouPHP ZIP File file.php unrestricted upload

A vulnerability has been found in DouPHP up to 1.9. This issue affects some unknown processing of the file /admin/file.php of the component ZIP File Handler. Such manipulation of the argument sqlfilename leads to unrestricted upload. The attack can be launched remotely. The exploit has been...

5.8 CVSS, 5.2 AI score, 0.00021 EPSS
Exploits 1, References 4

CVE
added 2026/02/09 9:32 a.m., 8 views

CVE-2026-2226

CVE-2026-2226 affects DouPHP up to 1.9, targeting the ZIP File Handler component. The issue arises from manipulating the argument sql_filename in the file /admin/file.php, leading to unrestricted upload. The vulnerability can be exploited remotely, and the exploit has been disclosed publicly. The...

7.2 CVSS, 5.2 AI score, 0.00021 EPSS
Exploits 1, References 4, Affected Software 1

Positive Technologies
added 2026/02/09 12:0 a.m., 3 views

PT-2026-7091

A vulnerability has been found in DouPHP up to 1.9. This issue affects some unknown processing of the file /admin/file.php of the component ZIP File Handler. Such manipulation of the argument sql filename leads to unrestricted upload. The attack can be launched remotely. The exploit has been...

5.8 CVSS, 5.3 AI score, 0.00021 EPSS
Exploits 1, References 5

OSV
added 2026/02/06 3:57 p.m., 4 views

OESA-2026-1330 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability was found in Open...

8.8 CVSS, 4.9 AI score, 0.0012 EPSS
Exploits 7, References 8

EUVD
added 2026/02/03 8:32 p.m., 1 views

EUVD-2026-5175

A vulnerability was detected in bolo-blog bolo-solo up to 2.6.4. The impacted element is the function unpackFilteredZip of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component ZIP File Handler. Performing a manipulation of the argument File results in path traversal...

6.5 CVSS, 5.1 AI score, 0.00128 EPSS
Exploits 1, References 5

Positive Technologies
added 2026/02/03 12:0 a.m., 1 views

PT-2026-6062

Name of the Vulnerable Software and Affected Versions: bolo-blog bolo-solo versions prior to 2.6.5. Description: A path traversal issue exists in the ZIP File Handler component of bolo-blog bolo-solo. The issue is located in the unpackFilteredZip function within the...

6.5 CVSS, 5.3 AI score, 0.00128 EPSS
Exploits 1, References 7

GitHub Security Blog
added 2026/02/02 8:50 p.m., 7 views

picklescan vulnerable to arbitrary file create using logging.FileHandler

Summary: Unsafe pickle deserialization allows unauthenticated attackers to perform Arbitrary File Creation. By chaining the logging.FileHandler class, an attacker can bypass RCE-focused blocklists to create empty files on the server. The vulnerability allows creating zero-byte files in arbitrary...

5.8 AI score
Exploits 0, References 5, Affected Software 1

OSV
added 2026/02/02 8:50 p.m., 2 views

GHSA-M7J5-R2P5-C39R picklescan vulnerable to arbitrary file create using logging.FileHandler

Summary: Unsafe pickle deserialization allows unauthenticated attackers to perform Arbitrary File Creation. By chaining the logging.FileHandler class, an attacker can bypass RCE-focused blocklists to create empty files on the server. The vulnerability allows creating zero-byte files in arbitrary...

6.9 CVSS, 5.8 AI score
Exploits 0, References 5

NVD
added 2026/01/18 5:15 p.m., 2 views

CVE-2026-1126

A security vulnerability has been detected in lwj flow up to a3d2fe8133db9d3b50fda4f66f68634640344641. This affects the function uploadFile of the file \flow-master\flow-front-rest\src\main\java\com\dragon\flow\web\resource\flow\FormResource.java of the component SVG File Handler. The manipulatio...

6.5 CVSS, 0.0007 EPSS
Exploits 0, References 5

ATTACKERKB
added 2026/01/18 4:32 p.m., 1 views

CVE-2026-1126

A security vulnerability has been detected in lwj flow up to a3d2fe8133db9d3b50fda4f66f68634640344641. This affects the function uploadFile of the file \flow-master\flow-front-rest\src\main\java\com\dragon\flow\web\resource\flow\FormResource.java of the component SVG File Handler. The manipulatio...

6.5 CVSS, 5.1 AI score, 0.0007 EPSS
Exploits 0, References 4

Vulnrichment
added 2026/01/18 4:32 p.m., 1 views

CVE-2026-1126 lwj flow SVG File FormResource.java uploadFile unrestricted upload

A security vulnerability has been detected in lwj flow up to a3d2fe8133db9d3b50fda4f66f68634640344641. This affects the function uploadFile of the file \flow-master\flow-front-rest\src\main\java\com\dragon\flow\web\resource\flow\FormResource.java of the component SVG File Handler. The manipulatio...

6.5 CVSS, 6.1 AI score, 0.0007 EPSS
Exploits 0, References 5

CNNVD
added 2026/01/18 12:0 a.m., 0 views

Flow code issues and vulnerabilities

Flow is a free and open-source enterprise-level process application developed by FlowwJ, a Chinese developer. It combines technologies such as Flowable to create an integrated process engine solution. There are code issues and vulnerabilities in Flow; these vulnerabilities stem from incorrect...

6.5 CVSS, 6.7 AI score, 0.0007 EPSS
Exploits 0, References 5

OSV
added 2026/01/16 11:57 a.m., 2 views

OESA-2026-1080 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A weakness has been identified in Op...

9.8 CVSS, 6.6 AI score, 0.00108 EPSS
Exploits 3, References 4

RedhatCVE
added 2026/01/10 5:41 a.m., 4 views

CVE-2026-0730

A flaw has been found in PHPGurukul Staff Leave Management System 1.0. The affected element is the function ADDSTAFF/UPDATESTAFF of the file /staffleave/slms/slms/adminviews.py of the component SVG File Handler. Executing a manipulation of the argument profilepic can lead to cross site scripting...

4.8 CVSS, 5.2 AI score, 0.00059 EPSS
Exploits 1, References 1

EUVD
added 2026/01/09 12:30 a.m., 4 views

EUVD-2026-1658

A flaw has been found in PHPGurukul Staff Leave Management System 1.0. The affected element is the function ADDSTAFF/UPDATESTAFF of the file /staffleave/slms/slms/adminviews.py of the component SVG File Handler. Executing a manipulation of the argument profilepic can lead to cross site scripting...

4.8 CVSS, 5.1 AI score, 0.00059 EPSS
Exploits 1, References 6

NVD
added 2026/01/08 10:16 p.m., 1 views

CVE-2026-0730

A flaw has been found in PHPGurukul Staff Leave Management System 1.0. The affected element is the function ADDSTAFF/UPDATESTAFF of the file /staffleave/slms/slms/adminviews.py of the component SVG File Handler. Executing a manipulation of the argument profilepic can lead to cross site scripting...

4.8 CVSS, 0.00059 EPSS
Exploits 1, References 5

OSV
added 2026/01/08 10:16 p.m., 2 views

CVE-2026-0730

A flaw has been found in PHPGurukul Staff Leave Management System 1.0. The affected element is the function ADDSTAFF/UPDATESTAFF of the file /staffleave/slms/slms/adminviews.py of the component SVG File Handler. Executing a manipulation of the argument profilepic can lead to cross site scripting...

4.8 CVSS, 4 AI score
Exploits 0, References 5