
3118 matches found

CNNVD
added 2025/12/17 12:0 a.m., 3 views

PHPFusion cross-site scripting vulnerability

PHPFusion is an open source lightweight content management system based on MySQL and PHP by PHPFusion Malaysia. The system contains modules for news, articles and forums. A cross-site scripting vulnerability exists in PHPFusion version 9.10.30, which stems from the file manager allowing the uploa...

CVSS 6.1, AI score 6, EPSS 0.00025
Exploits 1, References 4

Veracode
added 2025/12/13 6:50 a.m., 3 views

Directory Traversal

alexusmai laravel-file-manager is vulnerable to Directory Traversal. The vulnerability is due to improper path validation in the zip/archiving functionality, which allows an attacker to create crafted archives that include files and directories outside the intended scope...

CVSS 6.5, AI score 5.9, EPSS 0.00027
Exploits 1, References 4, Affected Software 1

Veracode
added 2025/12/13 6:48 a.m., 4 views

Directory Traversal

alexusmai/laravel-file-manager is vulnerable to Directory Traversal. The vulnerability is due to insufficient validation of extraction paths during archive unzip functionality, which allows an attacker to write files to arbitrary locations on the filesystem...

CVSS 9.1, AI score 6, EPSS 0.00177
Exploits 1, References 4, Affected Software 1

EUVD
added 2025/12/11 12:30 a.m., 1 view

EUVD-2024-55315

WBCE CMS version 1.6.2 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the Elfinder file manager. Attackers can exploit the file upload functionality in the elfinder connector to upload a web shell and execute arbitrary syst...

CVSS 8.7, AI score 8.2, EPSS 0.00574
Exploits 0, References 5

NVD
added 2025/12/10 10:16 p.m., 2 views

CVE-2024-58283

WBCE CMS version 1.6.2 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the Elfinder file manager. Attackers can exploit the file upload functionality in the elfinder connector to upload a web shell and execute arbitrary syst...

CVSS 8.8, EPSS 0.00574
Exploits 0, References 4

Positive Technologies
added 2025/12/10 12:0 a.m., 3 views

PT-2025-50532

WBCE CMS version 1.6.2 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the Elfinder file manager. Attackers can exploit the file upload functionality in the elfinder connector to upload a web shell and execute arbitrary syst...

CVSS 8.7, AI score 8.6, EPSS 0.00574
Exploits 0, References 6

CNNVD
added 2025/12/10 12:0 a.m., 1 view

WBCE CMS code issue vulnerability

WBCE CMS is a PHP and MySQL based open source content management system (CMS) from WBCE CMS Open Source. A code issue vulnerability exists in WBCE CMS version 1.6.2 that originates from an authenticated user being able to upload malicious PHP files via the Elfinder file manager, which could lead to...

CVSS 8.8, AI score 7.7, EPSS 0.00574
Exploits 0, References 5

CNNVD
added 2025/12/10 12:0 a.m., 2 views

appRain CMF code issue vulnerability

appRain CMF is a content management framework from appRain Canada. A code issue vulnerability exists in appRain CMF version 4.0.5 that originates from an authenticated user being able to upload a malicious PHP file via the file manager, which could lead to remote code execution...

CVSS 8.8, AI score 7.6, EPSS 0.00615
Exploits 1, References 5

RedhatCVE
added 2025/12/05 3:27 p.m., 4 views

CVE-2025-65346

alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows archive contents to be written to arbitrary locations on the filesystem due to insufficient validation of extraction paths...

CVSS 9.1, AI score 7, EPSS 0.00177
Exploits 1, References 1

OSV
added 2025/12/04 3:30 p.m., 3 views

GHSA-Q5HG-WPPQ-R2CC alexusmai laravel-file-manager is vulnerable to Directory Traversal via the unzip/extraction functionality

alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows archive contents to be written to arbitrary locations on the filesystem due to insufficient validation of extraction paths...

CVSS 9.1, AI score 6.9, EPSS 0.00177
Exploits 1, References 4

Github Security Blog
added 2025/12/04 3:30 p.m., 4 views

alexusmai laravel-file-manager is vulnerable to Directory Traversal via the unzip/extraction functionality

alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows archive contents to be written to arbitrary locations on the filesystem due to insufficient validation of extraction paths...

CVSS 9.1, AI score 7, EPSS 0.00177
Exploits 1, References 5, Affected Software 1

OSV
added 2025/12/04 3:15 p.m., 3 views

CVE-2025-65346

alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows archive contents to be written to arbitrary locations on the filesystem due to insufficient validation of extraction paths...

CVSS 9.1, AI score 6.9, EPSS 0.00177
Exploits 1, References 3

NVD
added 2025/12/04 3:15 p.m., 4 views

CVE-2025-65346

alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows archive contents to be written to arbitrary locations on the filesystem due to insufficient validation of extraction paths...

CVSS 9.1, EPSS 0.00177
Exploits 1, References 3

RedhatCVE
added 2025/12/04 3:17 a.m., 5 views

CVE-2025-65345

alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The zip/archiving functionality allows an attacker to create archives containing files and directories outside the intended scope due to improper path validation...

CVSS 6.5, AI score 7, EPSS 0.00027
Exploits 1, References 1

CNNVD
added 2025/12/04 12:0 a.m., 2 views

Laravel File Manager security vulnerability

Laravel File Manager is a Laravel file manager by Aleksandr Manekin Personal Developer. A security vulnerability exists in Laravel File Manager 3.3.1 and earlier versions, which stems from the unzip function not adequately validating the extraction path, potentially leading to a directory travers...

CVSS 9.1, AI score 6.5, EPSS 0.00177
Exploits 1, References 2

Cvelist
added 2025/12/04 12:0 a.m., 20 views

CVE-2025-65346

alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows archive contents to be written to arbitrary locations on the filesystem due to insufficient validation of extraction paths...

EPSS 0.00177
Exploits 1, References 2

Positive Technologies
added 2025/12/04 12:0 a.m., 4 views

PT-2025-49047

Name of the Vulnerable Software and Affected Versions: alexusmai laravel-file-manager versions 3.3.1 and below. Description: The laravel-file-manager software contains a flaw related to directory traversal. The unzip/extraction functionality does not properly validate extraction paths, which allows...

CVSS 9.1, AI score 6.4, EPSS 0.00177
Exploits 1, References 7

CVE
added 2025/12/04 12:0 a.m., 9 views

CVE-2025-65346

The CVE affects alexusmai laravel-file-manager up to version 3.3.1, where the unzip/extraction feature lacks proper path validation, enabling directory traversal and potentially writing archive contents to arbitrary filesystem locations. No public fix version is indicated in the provided document...

CVSS 9.1, AI score 6.6, EPSS 0.00177
Exploits 1, References 3, Affected Software 1

GitLab Advisory Database
added 2025/12/04 12:0 a.m., 4 views

alexusmai laravel-file-manager is vulnerable to Directory Traversal via the unzip/extraction functionality

alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows archive contents to be written to arbitrary locations on the filesystem due to insufficient validation of extraction paths...

CVSS 9.1, AI score 7, EPSS 0.00177
Exploits 1, References 4, Affected Software 1

EUVD
added 2025/12/04 12:0 a.m., 3 views

EUVD-2025-201169

alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows archive contents to be written to arbitrary locations on the filesystem due to insufficient validation of extraction paths...

AI score 6.5, EPSS 0.00177
Exploits 1, References 3