Lucene search
K

22 matches found

OSV
OSV
added 2026/05/06 9:31 p.m.9 views

GHSA-R747-33R4-RMJW Duplicate Advisory: OpenClaw: QQBot direct media upload skipped URL SSRF validation

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-c4qg-j8jg-42q5. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in QQBot direct media upload that skip...

6.3CVSS5.7AI score0.00236EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/06 9:31 p.m.22 views

EUVD-2026-28199

OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in QQBot direct media upload that skips URL validation. Attackers can bypass SSRF protections by sending crafted image URLs to uploadC2CMedia and uploadGroupMedia endpoints to relay unintended requests...

6.3CVSS5.8AI score0.00236EPSS
Exploits0References4
CVE
CVE
added 2026/05/06 6:42 p.m.10 views

CVE-2026-41938

Vvveb

8.8CVSS6.6AI score0.00541EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/20 9:31 p.m.4 views

EUVD-2026-23948

Vvveb CMS 1.0.8 contains a remote code execution vulnerability in its media upload handler that allows authenticated attackers to execute arbitrary operating system commands by uploading a PHP webshell with a .phtml extension. Attackers can bypass the extension deny-list and upload malicious file...

8.8CVSS6.8AI score0.00624EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/04/06 9:49 p.m.9 views

WordPress Kadence Blocks - Page Builder Toolkit for Gutenberg Editor plugin <= 3.6.3 - Missing Authorization to Authenticated (Contributor+) Media Upload vulnerability

WordPress Kadence Blocks - Page Builder Toolkit for Gutenberg Editor plugin = 3.6.3 - Missing Authorization to Authenticated Contributor+ Media Upload vulnerability discovered by lucsob in WordPress Plugin Gutenberg Blocks by Kadence Blocks versions = 3.6.3...

4.3CVSS5.9AI score0.00301EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/03/12 6:32 p.m.5 views

EUVD-2026-11609

Tina: Path Traversal in Media Upload Handle...

7.4CVSS5.8AI score0.00325EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/12/16 6:56 a.m.5 views

CVE-2025-11363

The Royal Addons for Elementor WordPress plugin before 1.7.1037 does not have proper authorisation, allowing unauthenticated users to upload media files via the wpraddonsuploadfile action...

5.3CVSS7AI score0.00273EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/11 10:1 p.m.7 views

CVE-2024-58282

Serendipity 2.5.0 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the media upload functionality. Attackers can exploit the file upload mechanism by creating a PHP shell with a command execution form that enables...

8.6CVSS8.3AI score0.00892EPSS
Exploits1References1
Snyk
Snyk
added 2025/12/10 9:46 p.m.4 views

Arbitrary File Upload

Overview Affected versions of this package are vulnerable to Arbitrary File Upload via the media upload functionality. An attacker can execute arbitrary code on the server by uploading a specially crafted PHP file after authenticating. Remediation Upgrade dotclear/dotclear to version 2.31 or...

8.8CVSS7.9AI score0.00824EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/11/27 12:0 a.m.13 views

PT-2025-48254

The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'ays chatgpt save wp media' function in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to...

5.3CVSS5.5AI score0.00249EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-27784

Malicious code in bioql PyPI...

5.4CVSS6.4AI score0.00388EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-16744

Malicious code in bioql PyPI...

7.2CVSS7AI score0.0021EPSS
Exploits0References2
NVD
NVD
added 2025/06/03 3:15 a.m.11 views

CVE-2025-4224

The wpForo + wpForo Advanced Attachments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via media upload names in all versions up to, and including, 3.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

7.2CVSS0.0021EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 4:16 a.m.5 views

CVE-2023-41318

matrix-media-repo is a highly customizable multi-domain media repository for the Matrix chat ecosystem. In affected versions an attacker could upload a malicious piece of media to the media repo, which would then be served with Content-Disposition: inline upon download. This vulnerability could b...

5.4CVSS7AI score0.00433EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:37 p.m.6 views

CVE-2021-25971

In Camaleon CMS, versions 2.0.1 to 2.6.0 are vulnerable to an Uncaught Exception. The app's media upload feature crashes permanently when an attacker with a low privileged access uploads a specially crafted .svg file...

4.3CVSS6.7AI score0.00976EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:37 p.m.11 views

CVE-2021-25972

In Camaleon CMS, versions 2.1.2.0 to 2.6.0, are vulnerable to Server-Side Request Forgery SSRF in the media upload feature, which allows admin users to fetch media files from external URLs but fails to validate URLs referencing to localhost or other internal servers. This allows attackers to read...

4.9CVSS6.5AI score0.00954EPSS
Exploits0
CNNVD
CNNVD
added 2024/06/12 12:0 a.m.3 views

Strapi Security Vulnerabilities

Strapi is an open source content management system CMS. A security vulnerability exists in Strapi versions prior to 4.22.0 that stems from a denial-of-service vulnerability in the media upload process that causes the server to crash...

6.5CVSS6.8AI score0.00736EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/06/22 4:15 p.m.6 views

CVE-2022-23080

In directus versions v9.0.0-beta.2 through 9.6.0 are vulnerable to server-side request forgery SSRF in the media upload functionality which allows a low privileged user to perform internal network port scans...

5CVSS5.8AI score0.00785EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/06/14 5:15 p.m.2 views

CVE-2021-42675

Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution...

9.8CVSS6.1AI score0.02243EPSS
Exploits1References4
Prion
Prion
added 2022/02/28 9:15 a.m.19 views

Cross site request forgery (csrf)

The Logo Showcase with Slick Slider WordPress plugin before 2.0.1 does not have CSRF check in the lswsssaveattachmentdata AJAX action, allowing attackers to make a logged in high privilege user, change title, description, alt text, and URL of arbitrary uploaded media...

4.3CVSS4.7AI score0.00464EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder