Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7185 matches found

CNVD
CNVDadded 2022/05/13 12:0 a.m.12 views

ftcms arbitrary file writing vulnerability

ftcms is a content management system from ftcms. ftcms version 2.1 and previous versions have an arbitrary file write vulnerability, which originates from the lack of valid file checksum in admin/controllers/tp.php and can be exploited by attackers to cause arbitrary file writes...

8.8CVSS4.4AI score0.01085EPSS
Exploits1References1
Tenable Nessus
Tenable Nessusadded 2022/05/13 12:0 a.m.37 views

SUSE SLES12 Security Update : gzip (SUSE-SU-2022:1650-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:1650-1 advisory. - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for...

8.8CVSS7AI score0.04301EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2022/05/13 12:0 a.m.131 views

CentOS 7 : gzip (RHSA-2022:2191)

The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:2191 advisory. - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted...

8.8CVSS7AI score0.04301EPSS
Exploits0References2
OSV
OSVadded 2022/05/12 6:16 p.m.2 views

CVE-2022-29363

Phpok v6.1 was discovered to contain a deserialization vulnerability via the updatef function in logincontrol.php. This vulnerability allows attackers to getshell via writing arbitrary files...

9.8CVSS5.9AI score0.01231EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2022/05/12 6:16 p.m.2 views

CVE-2022-29363

Phpok v6.1 was discovered to contain a deserialization vulnerability via the updatef function in logincontrol.php. This vulnerability allows attackers to getshell via writing arbitrary files...

9.8CVSS7.3AI score0.01231EPSS
Exploits1References2
NVD
NVDadded 2022/05/12 5:15 p.m.8 views

CVE-2022-21809

A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can upload a malicious file to trigger this vulnerability...

9.9CVSS0.01704EPSS
Exploits1References2
Prion
Prionadded 2022/05/12 5:15 p.m.12 views

Arbitrary file deletion

A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can upload a malicious file to trigger this vulnerability...

5.5CVSS8AI score0.01704EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2022/05/12 5:1 p.m.6 views

CVE-2022-21809

A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can upload a malicious file to trigger this vulnerability...

9.9CVSS8.7AI score0.01704EPSS
Exploits1References2
CVE
CVEadded 2022/05/12 5:1 p.m.76 views

CVE-2022-21809

CVE-2022-21809 affects InHand Networks InRouter302 (V3.5.4). TALOS-2022-1468 documents a file-write vulnerability in the httpd upload.cgi endpoint: an attacker can upload arbitrary files by crafting a POST to upload.cgi, potentially leading to remote code execution. The flaw stems from how upload...

9.9CVSS8AI score0.01704EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2022/05/12 5:1 p.m.19 views

CVE-2022-21809

A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can upload a malicious file to trigger this vulnerability...

9.9CVSS8.3AI score0.01704EPSS
Exploits1References2
CNNVD
CNNVDadded 2022/05/12 12:0 a.m.5 views

PHPOK 代码问题漏洞

PHPOK is an enterprise website builder with extended support. A security vulnerability exists in PHPOK v6.1, which originates from a deserialization vulnerability in the updatef function of logincontrol.php in Phpok v6.1, which can be exploited by an attacker to write to an arbitrary file and...

9.8CVSS8.6AI score0.01231EPSS
Exploits1References2
CNNVD
CNNVDadded 2022/05/12 12:0 a.m.5 views

Cambium Networks cnMaestro 路径遍历漏洞

Cambium Networks cnMaestro is a cloud-based or native software platform from Cambium Networks for secure end-to-end network control. Cambium Networks cnMaestro suffers from a path traversal vulnerability that stems from cnMaestro's susceptibility to an arbitrary file write attack. An attacker...

7.5CVSS7.5AI score0.00875EPSS
Exploits0References6
Tenable Nessus
Tenable Nessusadded 2022/05/12 12:0 a.m.51 views

RHEL 7 : gzip (RHSA-2022:2191)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:2191 advisory. The gzip packages contain the gzip GNU zip data compression utility. gzip is used to compress regular files. It replaces them with files containing t...

8.8CVSS7AI score0.04301EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2022/05/12 12:0 a.m.17 views

Scientific Linux Security Update : gzip on SL7.x x86_64 (2022:2191)

The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2022:2191-1 advisory. - gzip: arbitrary-file-write vulnerability CVE-2022-1271 Note that Nessus has not tested for this issue but has instead relied only on the application's...

8.8CVSS6.8AI score0.04301EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2022/05/11 7:29 p.m.84 views

Important: Red Hat Security Advisory: gzip security update

An update for gzip is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

8.8CVSS6.7AI score0.04301EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2022/05/11 7:29 p.m.4 views

gzip: arbitrary-file-write vulnerability

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

8.8CVSS7.2AI score0.04301EPSS
Exploits0References4
OSV
OSVadded 2022/05/11 6:15 p.m.1 views

CVE-2022-30060

ftcms =2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php...

8.8CVSS7.3AI score0.01085EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2022/05/11 6:15 p.m.3 views

CVE-2022-30060

ftcms =2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php...

8.8CVSS5.8AI score0.01085EPSS
Exploits1References2
NVD
NVDadded 2022/05/11 6:15 p.m.8 views

CVE-2022-30060

ftcms =2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php...

8.8CVSS0.01085EPSS
Exploits1References1
Prion
Prionadded 2022/05/11 6:15 p.m.14 views

Code injection

ftcms =2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php...

6.5CVSS8.7AI score0.01085EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder