CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

60 matches found

Prion•added 2021/06/21 7:15 p.m.•13 views

Design/Logic Flaw

Textpattern 4.7.3 contains an aribtrary file load via the fileinsert function in include/txpfile.php...

7.5CVSS9.4AI score0.00433EPSS

Exploits1References1Affected Software1

CVE•added 2021/06/21 6:4 p.m.•36 views

CVE-2020-19510

CVE-2020-19510 affects Textpattern 4.7.3, where an arbitrary file load/upload is possible through the file_insert function in include/txp_file.php. The connected sources consistently describe this vulnerability as an arbitrary file upload issue in Textpattern; no exploit details are provided in t...

9.8CVSS9.4AI score0.00433EPSS

Exploits1References1Affected Software1

Cvelist•added 2021/06/21 6:4 p.m.•15 views

CVE-2020-19510

Textpattern 4.7.3 contains an aribtrary file load via the fileinsert function in include/txpfile.php...

9.5AI score0.00433EPSS

Exploits1References1

Exploit DB•added 2020/03/30 12:0 a.m.•220 views

10-Strike Network Inventory Explorer 9.03 - 'Read from File' Buffer Overflow (SEH) (ROP)

Exploit Title: 10-Strike Network Inventory Explorer 9.03 - 'Read from File' Buffer Overflow SEHROP Date: 2020-03-30 Exploit Author: Hodorsec Version: 9.03 Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-setup.exe Vendor Homepage: https://www.10-strike.com Teste...

7.4AI score

Exploits0

Debian CVE•added 2019/08/16 12:0 a.m.•29 views

CVE-2019-5477

A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being called with unsafe user input as the filename. This...

9.8CVSS9AI score0.09316EPSS

Exploits0

NVD•added 2016/07/21 10:13 a.m.•12 views

CVE-2016-3557

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via vectors related to File Load...

6.1CVSS5.2AI score0.00236EPSS

Exploits0References3

OSV•added 2016/07/21 10:13 a.m.•2 views

CVE-2016-3557

6.1CVSS5.8AI score0.00236EPSS

Exploits0References3

Prion•added 2016/07/21 10:13 a.m.•11 views

Design/Logic Flaw

5.8CVSS6AI score0.00236EPSS

Exploits0References3Affected Software1

Cvelist•added 2016/07/21 10:0 a.m.•14 views

CVE-2016-3557

5.3AI score0.00236EPSS

Exploits0References3

CVE•added 2016/07/21 10:0 a.m.•42 views

CVE-2016-3557

CVE-2016-3557 affects the Oracle Agile PLM component of Oracle Supply Chain Products Suite (versions 9.3.4 and 9.3.5). The issue is described as an unspecified vulnerability that allows remote attackers to affect confidentiality and integrity via vectors related to File Load. The connected docume...

6.1CVSS5.6AI score0.00236EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2016/07/21 10:0 a.m.•1 views

CVE-2016-3557

5.6AI score0.00236EPSS

Exploits0References3

0day.today•added 2015/08/29 12:0 a.m.•23 views

phpwiki 1.5.4 - Cross Site Scripting / Local File Inclusion Vulnerabilities

Exploit for php platform in category web applications Title: phpwiki 1.5.4 - Cross Site Scripting / Local File Inclusion Date: 29.08.15 Vendor: sourceforge.net/projects/phpwiki/ Affected versions: = 1.5.4 current Tested on: Apache2.2 / PHP5 / Deb32 Author: Smash Contact: smash at devilteam.pl 1/...

7.1AI score

Exploits0

Japan Vulnerability Notes•added 2015/06/12 12:0 a.m.•31 views

JVN#18146081: LoadLibrary function in Microsoft Windows fails to validate input properly

The LoadLibrary function in Microsoft Windows fails to validate input properly. As a result, it may load a specially crafted DLL file CWE-114. Impact An arbitrary code may be executed as a result of an application loads a specially crafted DLL file. Solution Update the Software This issue was...

6.9CVSS6.4AI score0.05398EPSS

Exploits0

OSV•added 2014/11/16 11:59 a.m.•1 views

DEBIAN-CVE-2014-3756

The client in Mumble 1.2.x before 1.2.6 allows remote attackers to force the loading of an external file and cause a denial of service hang and resource consumption via a crafted string that is treated as rich-text by a Qt widget, as demonstrated by the 1 user or 2 channel name in a Qt dialog, 3...

5CVSS6.8AI score0.006EPSS

Exploits0References1

seebug.org•added 2012/05/29 12:0 a.m.•21 views

VMware vMA不明细节本地权限提升漏洞

BUGTRAQ ID: 53697 CVE ID: CVE-2012-2752 vSphere Management Assistant vMA是允许管理员和开发者运行脚本和代理以管理ESXi主机和vCenter服务器系统的虚拟计算机。 VMWare vMA 4.0、4.1、5.0.0.1 之前版本在实现上存在加载任意文件导致的本地权限提升漏洞，攻击者可利用此漏洞以提升的权限执行任意代码。 0 VMWare vMA 5.0.0.1 VMWare vMA 4.1 VMWare vMA 4.0 厂商补丁： VMWare ------...

7.2CVSS6.3AI score0.00041EPSS

Exploits1

NVD•added 2011/10/30 10:55 a.m.•11 views

CVE-2011-1367

Unspecified vulnerability in the File Load feature in IBM Rational AppScan Standard and Express 7.8.x, 7.9.x, and 8.0.x before 8.0.0.3 allows remote attackers to execute arbitrary commands via a crafted .scan file...

9.3CVSS7.3AI score0.01186EPSS

Exploits0References5

Prion•added 2011/10/30 10:55 a.m.•14 views

Design/Logic Flaw

9.3CVSS7.8AI score0.01186EPSS

Exploits0References5Affected Software1

Cvelist•added 2011/10/30 10:0 a.m.•11 views

CVE-2011-1367

7.3AI score0.01186EPSS

Exploits0References5

exploitpack•added 2010/02/22 12:0 a.m.•22 views

Winamp 5.57 - Browser IE Denial of Service

Winamp 5.57 - Browser IE Denial of Service From: Indonesia Tested Win xpsp2 Greetz: no thanks : Usage: change your winamp skin with bento, to open browser press ALT + X drag or load file to browser and keep smile : +---------------------------------------------------------------------------------...

0.4AI score

Exploits0

CVE•added 2005/01/29 5:0 a.m.•71 views

CVE-2005-0141

CVE-2005-0141 affects Firefox < 1.0 and Mozilla

2.6CVSS6.2AI score0.00749EPSS

Exploits0References8Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by