Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

70 matches found

OSV
OSVadded 2023/09/21 7:15 p.m.1 views

CVE-2023-42280

mee-admin 1.5 is vulnerable to Directory Traversal. The download method in the CommonFileController.java file does not verify the incoming data, resulting in arbitrary file reading...

7.5CVSS5.9AI score
Exploits0References1
NVD
NVDadded 2023/03/11 9:15 a.m.16 views

CVE-2023-1349

A vulnerability, which was classified as problematic, has been found in Hsycms 3.1. Affected by this issue is some unknown functionality of the file controller\cate.php of the component Add Category Module. The manipulation of the argument title leads to cross site scripting. The attack may be...

6.1CVSS4.5AI score0.00269EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2022/09/02 12:0 a.m.3 views

PT-2022-23493 · Unknown · Kkfileview

Name of the Vulnerable Software and Affected Versions: kkFileView version 4.0.0 Description: The issue allows for arbitrary file deletion via the fileName parameter at the /controller/FileController.java endpoint. Recommendations: For kkFileView version 4.0.0, consider restricting access to the...

6.5CVSS6.3AI score0.00968EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2022/05/13 12:0 a.m.1 views

PT-2022-11757 · Unknown · Novel-Plus

Name of the Vulnerable Software and Affected Versions: novel-plus versions all Description: The issue concerns an unrestricted file upload in the /novel-admin/src/main/java/com/java2nb/common/controller/FileController.java file. This allows an attacker to upload malicious JSP files...

9.8CVSS9.4AI score0.00363EPSS
Exploits1References3
NVD
NVDadded 2022/04/26 9:15 p.m.9 views

CVE-2022-28058

Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\filecontroller.php...

8.1CVSS0.00605EPSS
Exploits1References2
OSV
OSVadded 2022/04/26 9:15 p.m.0 views

CVE-2022-28058

Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\filecontroller.php...

8.1CVSS7.4AI score
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2022/04/26 9:15 p.m.1 views

CVE-2022-28058

Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\filecontroller.php...

8.1CVSS6AI score0.00605EPSS
Exploits1References3
Prion
Prionadded 2022/04/26 9:15 p.m.9 views

Arbitrary file deletion

Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\filecontroller.php...

5.5CVSS8.2AI score0.00605EPSS
Exploits1References2Affected Software1
CNNVD
CNNVDadded 2022/04/26 12:0 a.m.2 views

Verydows 路径遍历漏洞

Verydows is a lightweight open source e-commerce management system developed using the PHP language . Verydows v2.0 has a security vulnerability , the attacker can ackendfilecontroller.php for arbitrary file deletion...

8.1CVSS7.9AI score0.00605EPSS
Exploits1References3
Packet Storm
Packet Stormadded 2021/03/29 12:0 a.m.255 views

Novel Boutique House-plus 3.5.1 Arbitrary File Download

Exploit Title: Novel Boutique House-plus 3.5.1 - Arbitrary File Download Date: 27/03/2021 Exploit Author: tuyiqiang Vendor Homepage: https://xiongxyang.gitee.io/ Software Link: https://gitee.com/noveldevteam/novel-plus,https://github.com/201206030/novel-plus Version: all Tested on: linux Vulnerab...

0.3AI score
Exploits0
Rows per page
Query Builder