64 matches found

EUVD
added 2026/06/19 2:16 p.m. | 8 views

EUVD-2021-34851

Brother SAPSprint 7.60 contains an unquoted service path vulnerability in the SAPSprint service binary that allows local attackers to escalate privileges. Attackers can place a malicious executable in the Program Files directory path to be executed with LocalSystem privileges when the service...

CVSS 8.5 | AI score 5.8 | EPSS 0.00115
Exploits: 0 | References: 3

Positive Technologies
added 2026/06/19 12:0 a.m. | 16 views

PT-2026-50920

Name of the Vulnerable Software and Affected Versions: Brother SAPSprint version 7.60. Description: An unquoted service path issue exists in the SAPSprint service binary. This allows local attackers to escalate privileges by placing a malicious executable in the Program Files directory path, which i...

CVSS 8.5 | AI score 5.9 | EPSS 0.00115
Exploits: 0 | References: 7

Positive Technologies
added 2026/06/19 12:0 a.m. | 11 views

PT-2026-50918

Name of the Vulnerable Software and Affected Versions: Winstep version 18.06.0096. Description: The Winstep Xtreme Service contains an unquoted service path issue. This occurs when a service path contains spaces and is not enclosed in quotes, allowing a local attacker to place a malicious executable...

CVSS 8.5 | AI score 5.8 | EPSS 0.00109
Exploits: 0 | References: 4

Positive Technologies
added 2026/06/19 12:0 a.m. | 17 views

PT-2026-50913

Name of the Vulnerable Software and Affected Versions: Matrix42 Remote Control Host version 3.20.0031. Description: An unquoted service path issue exists in the FastViewerRemoteService and FastViewerRemoteProxy services. This allows local users to execute arbitrary code with SYSTEM privileges by...

CVSS 8.5 | AI score 6.1 | EPSS 0.00119
Exploits: 0 | References: 5

Cvelist
added 2026/05/16 3:26 p.m. | 37 views

CVE-2020-37247 Kite 4.2.0.1 U1 Unquoted Service Path Privilege Escalation

Kite 4.2.0.1 U1 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem...

CVSS 8.5 | EPSS 0.00115
Exploits: 0 | References: 3

Vulnrichment
added 2026/05/10 12:44 p.m. | 11 views

CVE-2021-47945 Argus Surveillance DVR 4.0 Unquoted Service Path Privilege Escalation

Argus Surveillance DVR 4.0 contains an unquoted service path vulnerability in the DVRWatchdog service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem...

CVSS 8.5 | AI score 5.8 | EPSS 0.00109
Exploits: 0 | References: 2

CVE
added 2026/05/10 12:44 p.m. | 27 views

CVE-2021-47945

CVE-2021-47945 affects Argus Surveillance DVR 4.0 through an unquoted service path in the DVRWatchdog service. The root cause is the unquoted binary path, enabling a local attacker to escalate privileges by placing a malicious executable in the Program Files directory, which the service will exec...

CVSS 8.5 | AI score 5.8 | EPSS 0.00109
Exploits: 0 | References: 2

ATTACKERKB
added 2026/05/10 12:43 p.m. | 7 views

CVE-2021-47943

TextPattern CMS 4.8.7 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by uploading malicious PHP files through the file upload functionality. Attackers can upload a PHP shell via the Files section in the content area and execute...

CVSS 8.8 | AI score 6.6 | EPSS 0.00617
Exploits: 0 | References: 2 | Affected Software: 1

CVE
added 2026/05/10 12:43 p.m. | 8 views

CVE-2021-47943

TextPattern CMS 4.8.7 is affected by a remote code execution (RCE) vulnerability exploitable via file upload. The flaw allows authenticated attackers to upload PHP files (a PHP shell) through the Files section in the content area and trigger code execution by accessing the uploaded file at /textp...

CVSS 8.8 | AI score 6.6 | EPSS 0.00617
Exploits: 0 | References: 3

EUVD
added 2026/04/04 3:30 p.m. | 4 views

EUVD-2016-10860

Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snewsfiles directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and execute them by...

CVSS 9.8 | AI score 6.4 | EPSS 0.00951
Exploits: 1 | References: 3

NVD
added 2026/04/04 2:16 p.m. | 3 views

CVE-2016-20052

Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snewsfiles directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and execute them by...

CVSS 9.8 | EPSS 0.00951
Exploits: 1 | References: 2

ATTACKERKB
added 2026/04/04 1:50 p.m. | 1 views

CVE-2016-20052

Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snewsfiles directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and execute them by...

CVSS 9.8 | AI score 6.4 | EPSS 0.00951
Exploits: 1 | References: 2 | Affected Software: 1

CVE
added 2026/04/04 1:50 p.m. | 9 views

CVE-2016-20052

CVE-2016-20052 affects Snews CMS 1.7 and describes an unrestricted file upload vulnerability exploitable by unauthenticated attackers. The issue allows uploading arbitrary files—including PHP executables—to the snews_files directory via the multipart form-data upload endpoint. Attackers can then ...

CVSS 9.8 | AI score 6.4 | EPSS 0.00951
Exploits: 1 | References: 2 | Affected Software: 1

EUVD
added 2026/03/10 1:2 a.m. | 3 views

EUVD-2026-10340

Actual Sync Server has an Authenticated Path Traversal...

CVSS 5.3 | AI score 5.8 | EPSS 0.00377
Exploits: 1 | References: 6

GitLab Advisory Database
added 2026/03/10 12:0 a.m. | 11 views

Actual Sync Server has an Authenticated Path Traversal

Actual Sync Server allows authenticated users to upload files through POST /sync/upload-user-file. In versions prior to 26.3.0, improper validation of the user-controlled x-actual-file-id header means that traversal segments ../ can escape the intended directory and write files outside userFiles...

CVSS 6.5 | AI score 5.8 | EPSS 0.00377
Exploits: 1 | References: 7 | Affected Software: 1

EUVD
added 2026/03/06 3:31 p.m. | 6 views

EUVD-2018-21619

EverSync 0.5 contains an arbitrary file download vulnerability that allows unauthenticated attackers to access sensitive files by requesting them directly from the files directory. Attackers can send GET requests to the files directory to download database files like db.sq3 containing application...

CVSS 8.7 | AI score 5.9 | EPSS 0.00266
Exploits: 0 | References: 3

NVD
added 2026/03/06 1:15 p.m. | 8 views

CVE-2018-25164

EverSync 0.5 contains an arbitrary file download vulnerability that allows unauthenticated attackers to access sensitive files by requesting them directly from the files directory. Attackers can send GET requests to the files directory to download database files like db.sq3 containing application...

CVSS 8.7 | EPSS 0.00266
Exploits: 0 | References: 2

Vulnrichment
added 2026/03/06 12:18 p.m. | 4 views

CVE-2018-25164 EverSync 0.5 Arbitrary File Download via files Directory

EverSync 0.5 contains an arbitrary file download vulnerability that allows unauthenticated attackers to access sensitive files by requesting them directly from the files directory. Attackers can send GET requests to the files directory to download database files like db.sq3 containing application...

CVSS 8.7 | AI score 5.9 | EPSS 0.00266
Exploits: 0 | References: 2

Cvelist
added 2026/03/06 12:18 p.m. | 28 views

CVE-2018-25164 EverSync 0.5 Arbitrary File Download via files Directory

EverSync 0.5 contains an arbitrary file download vulnerability that allows unauthenticated attackers to access sensitive files by requesting them directly from the files directory. Attackers can send GET requests to the files directory to download database files like db.sq3 containing application...

CVSS 8.7 | EPSS 0.00266
Exploits: 0 | References: 2

CVE
added 2026/03/06 12:18 p.m. | 10 views

CVE-2018-25164

CVE-2018-25164 affects EverSync 0.5, enabling unauthenticated arbitrary file download via the files directory. The vulnerability allows direct GET requests to download sensitive files (e.g., database file db.sq3) containing application data and credentials. Reported CVSS scores indicate high impa...

CVSS 8.7 | AI score 5.9 | EPSS 0.00266
Exploits: 0 | References: 2