Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3137 matches found

OSV
OSVadded 2024/08/12 1:38 p.m.5 views

CVE-2024-7660

A vulnerability has been found in SourceCodester File Manager App 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Add File Handler. The manipulation of the argument File Title/Uploaded By leads to cross site scripting. The attack can ...

6.1CVSS3.6AI score0.00488EPSS
Exploits1References4
NVD
NVDadded 2024/08/12 1:38 p.m.15 views

CVE-2024-7660

A vulnerability has been found in SourceCodester File Manager App 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Add File Handler. The manipulation of the argument File Title/Uploaded By leads to cross site scripting. The attack can ...

6.1CVSS0.00488EPSS
Exploits1References4
CVE
CVEadded 2024/08/12 12:0 a.m.47 views

CVE-2024-42630

CVE-2024-42630 affects FrogCMS v0.9.5 with a Cross-Site Request Forgery (CSRF) in the admin file manager create_file endpoint: /admin/?/plugin/file_manager/create_file. Root cause is CSRF in the file management API, requiring user interaction for exploitation. Impact is high (confidentiality, int...

8.8CVSS7.2AI score0.00279EPSS
Exploits1References1Affected Software1
CNNVD
CNNVDadded 2024/08/12 12:0 a.m.2 views

SourceCodester File Manager 安全漏洞

SourceCodester File Manager is a file manager. A security vulnerability exists in SourceCodester File Manager version 1.0, which stems from a cross-site scripting vulnerability in the File Title/Uploaded By parameter of the Add File Handler component...

6.1CVSS4.6AI score0.00488EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2024/08/12 12:0 a.m.5 views

PT-2024-30081 · Frog Cms · Frog Cms

Name of the Vulnerable Software and Affected Versions: FrogCMS version 0.9.5 Description: A Cross-Site Request Forgery CSRF issue was discovered in FrogCMS. The vulnerability can be exploited via the "/admin/?/plugin/file manager/create file" API endpoint. Recommendations: For FrogCMS version...

8.8CVSS6.8AI score0.00279EPSS
Exploits1References7
CNNVD
CNNVDadded 2024/08/12 12:0 a.m.4 views

FrogCms 安全漏洞

FrogCms is an HTTP server by philippe personal developer. A security vulnerability exists in FrogCms version v0.9.5, which stems from a vulnerability discovered via /admin/? /plugin/filemanager/createfile was found to contain a cross-site request forgery vulnerability...

8.8CVSS6.8AI score0.00279EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2024/08/11 3:0 a.m.15 views

CVE-2024-7660 SourceCodester File Manager App Add File cross site scripting

A vulnerability has been found in SourceCodester File Manager App 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Add File Handler. The manipulation of the argument File Title/Uploaded By leads to cross site scripting. The attack can ...

5.3CVSS6.2AI score0.00488EPSS
Exploits1References4
Cvelist
Cvelistadded 2024/08/11 3:0 a.m.21 views

CVE-2024-7660 SourceCodester File Manager App Add File cross site scripting

A vulnerability has been found in SourceCodester File Manager App 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Add File Handler. The manipulation of the argument File Title/Uploaded By leads to cross site scripting. The attack can ...

5.3CVSS0.00488EPSS
Exploits1References4
CVE
CVEadded 2024/08/11 3:0 a.m.57 views

CVE-2024-7660

SourceCodester File Manager App 1.0 contains a cross‑site scripting vulnerability in the Add File Handler. Manipulating the File Title/Uploaded By parameter can trigger XSS, with remote exploitation and a publicly disclosed exploit. Connected advisories do not specify the exact XSS type (reflecte...

6.1CVSS3.8AI score0.00488EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologiesadded 2024/08/11 12:0 a.m.4 views

PT-2024-38488 · Unknown · Sourcecodester File Manager App

Name of the Vulnerable Software and Affected Versions: SourceCodester File Manager App version 1.0 Description: A vulnerability has been found in the SourceCodester File Manager App, affecting an unknown functionality of the component Add File Handler. The manipulation of the argument File...

6.1CVSS4.3AI score0.00488EPSS
Exploits1References6
SUSE CVE
SUSE CVEadded 2024/08/06 2:17 a.m.5 views

SUSE CVE-2023-50700

Insecure Permissions vulnerability in Deepin dde-file-manager 6.0.54 and earlier allows privileged operations to be called by unprivileged users via the D-Bus method...

7.8CVSS6.9AI score0.00163EPSS
Exploits0References3
Patchstack
Patchstackadded 2024/08/05 2:29 a.m.3 views

WordPress File Manager Pro plugin <= 1.8.2 - Authenticated Plugin Settings Update vulnerability

Authenticated Plugin Settings Update vulnerability discovered by bart in WordPress Plugin File Manager Pro versions = 1.8.2...

8.8CVSS7AI score0.00624EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2024/08/05 12:0 a.m.7 views

WordPress File Manager Pro Plugin <= 1.8.2 is vulnerable to Settings Change

Software File Manager Pro Type Plugin Vulnerable versions = 1.8.2 Fixed in 1.8.3 OWASP Top 10 A1: Broken Access Control Classification Settings Change CVE CVE-2024-7031 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID dd2b25032f95 Credits bart Required privilege Subscriber...

8.8CVSS6.6AI score0.00624EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2024/08/03 9:15 a.m.3 views

CVE-2024-7031

The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'njtfssaveSettingRestrictions' function in all versions up to, and including, 1.8.2. This makes it possible for authenticated attackers, with a role tha...

8.8CVSS5.7AI score
Exploits0References4
NVD
NVDadded 2024/08/03 9:15 a.m.40 views

CVE-2024-7031

The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'njtfssaveSettingRestrictions' function in all versions up to, and including, 1.8.2. This makes it possible for authenticated attackers, with a role tha...

8.8CVSS0.00624EPSS
Exploits0References4
Cvelist
Cvelistadded 2024/08/03 8:36 a.m.46 views

CVE-2024-7031 File Manager Pro – Filester <= 1.8.2 - Authenticated Plugin Settings Update

The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'njtfssaveSettingRestrictions' function in all versions up to, and including, 1.8.2. This makes it possible for authenticated attackers, with a role tha...

7.5CVSS0.00624EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2024/08/03 8:36 a.m.30 views

CVE-2024-7031 File Manager Pro – Filester <= 1.8.2 - Authenticated Plugin Settings Update

The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'njtfssaveSettingRestrictions' function in all versions up to, and including, 1.8.2. This makes it possible for authenticated attackers, with a role tha...

7.5CVSS6.5AI score0.00624EPSS
Exploits0References3
CVE
CVEadded 2024/08/03 8:36 a.m.39 views

CVE-2024-7031

The CVE-2024-7031 entry concerns the WordPress File Manager Pro – Filester plugin. A missing capability check in njt_fs_saveSettingRestrictions allows authenticated users, granted permissions by an Administrator, to modify plugin settings related to user role restrictions and uploads (e.g., enabl...

8.8CVSS7.3AI score0.00624EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologiesadded 2024/08/03 12:0 a.m.8 views

PT-2024-38037 · WordPress · File Manager Pro – Filester

Name of the Vulnerable Software and Affected Versions: File Manager Pro – Filester plugin for WordPress versions up to, and including, 1.8.2 Description: The issue allows authenticated attackers with granted permissions by an Administrator to update plugin settings for user role restrictions. Thi...

8.8CVSS7AI score0.00624EPSS
Exploits0References8
CNNVD
CNNVDadded 2024/08/03 12:0 a.m.4 views

WordPress plugin File Manager Pro – Filester 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin... A security vulnerability...

8.8CVSS6.4AI score0.00624EPSS
Exploits0References4
Rows per page
Query Builder