Lucene search
K

18 matches found

CNNVD
CNNVD
added 2025/12/23 12:0 a.m.3 views

CMSimple_XH 代码注入漏洞

CMSimpleXH is a PHP-based content management system derived from the original CMSimple project and belongs to its offshoot version. CMSimpleXH suffers from a code execution vulnerability that stems from the content editing functionality not securely restricting or filtering code input when...

8.6CVSS6.4AI score0.00926EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.4 views

SPIP 跨站脚本漏洞

SPIP is a free software for creating Internet sites from the SPIP open source. A cross-site scripting vulnerability exists in SPIP version 4.1.10, which stems from improper file upload filtering and could lead to an attacker uploading malicious SVG files...

8.8CVSS6AI score0.00265EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/11/04 9:8 a.m.8 views

CVE-2025-48396

Arbitrary code execution is possible due to improper validation of the file upload functionality in Eaton BLSS. This security issue has been fixed in the latest script patch latest version of of Eaton BLSS 7.3.0.SCP004...

8.3CVSS7.5AI score0.00301EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/03 7:57 a.m.6 views

CVE-2025-48396

Arbitrary code execution is possible due to improper validation of the file upload functionality in Eaton BLSS. This security issue has been fixed in the latest script patch latest version of of Eaton BLSS 7.3.0.SCP004...

8.3CVSS0.00301EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/18 11:44 a.m.8 views

CVE-2023-28814

Some versions of Hikvision's iSecure Center Product have an improper file upload control vulnerability. Due to the improper verification of file to be uploaded, attackers may upload malicious files to the server. iSecure Center is software released for China's domestic market only, with no overse...

9.8CVSS7AI score0.00458EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/17 11:7 a.m.2 views

EUVD-2023-32449

Some versions of Hikvision's iSecure Center Product have an improper file upload control vulnerability. Due to the improper verification of file to be uploaded, attackers may upload malicious files to the server. iSecure Center is software released for China's domestic market only, with no overse...

9.8CVSS6.5AI score0.00458EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/17 11:7 a.m.8 views

CVE-2023-28814

Some versions of Hikvision's iSecure Center Product have an improper file upload control vulnerability. Due to the improper verification of file to be uploaded, attackers may upload malicious files to the server. iSecure Center is software released for China's domestic market only, with no overse...

9.8CVSS0.00458EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/17 12:0 a.m.5 views

Hikvision iSecure Center 安全漏洞

Hikvision iSecure Center is an integrated security management platform from Hikvision China. A security vulnerability exists in Hikvision iSecure Center that stems from improper file upload validation, which could result in the upload of malicious files...

9.8CVSS6.9AI score0.00458EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-23681

Malware in sbrugna...

7.5CVSS7.6AI score0.00636EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 6:40 p.m.9 views

CVE-2021-37105

There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the service abnormal...

7.5CVSS6.9AI score0.00636EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/17 12:0 a.m.6 views

Learning Digital Orca HCM 代码问题漏洞

Learning Digital Orca HCM is a digital learning platform from China-based Learning Digital. A code issue vulnerability exists in Learning Digital Orca HCM, which stems from an improper implementation of the file upload functionality. An attacker can exploit the vulnerability to upload and run a W...

8.8CVSS7AI score0.00483EPSS
Exploits0References2
Veracode
Veracode
added 2024/05/16 6:19 a.m.19 views

Unrestricted File Upload

cockpit-hq/cockpit is vulnerable to Unrestricted File Upload. The vulnerability is due to an improper file upload checks within the /media/api POST endpoint which can be exploited to compromise the system's integrity, allowing unauthorized access or data manipulation...

9.8CVSS6.8AI score0.00719EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2021/09/28 3:15 p.m.12 views

CVE-2021-37105

There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the service abnormal...

7.5CVSS0.00636EPSS
Exploits0References1
Prion
Prion
added 2021/09/28 3:15 p.m.16 views

Unrestricted file upload

There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the service abnormal...

4.3CVSS7.5AI score0.00636EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/09/28 2:3 p.m.49 views

CVE-2021-37105

CVE-2021-37105 affects Huawei FusionCompute (VRM/CNA) with an improper file upload control vulnerability. FusionCompute versions 6.5.0, 6.5.1 and 8.0.0 fail to properly verify uploaded files or restrict file access paths, enabling an attacker to upload malicious files and cause service abnormalit...

7.5CVSS7.5AI score0.00636EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/09/28 2:3 p.m.15 views

CVE-2021-37105

There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the service abnormal...

7.7AI score0.00636EPSS
Exploits0References1
Huawei
Huawei
added 2021/09/22 12:0 a.m.33 views

Security Advisory - Improper File Upload Control Vulnerability in Huawei FusionCompute Product

There is an improper file upload control vulnerability in Huwei FusionCompute product. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the service abnormal. Vulnerability...

7.5CVSS7.5AI score0.00636EPSS
Exploits0Affected Software1
Prion
Prion
added 2020/01/23 10:15 p.m.17 views

Unrestricted file upload

WordPress WP GPX Maps Plugin 1.1.21 allows remote attackers to execute arbitrary PHP code via improper file upload...

7.5CVSS8.1AI score0.1626EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder