Lucene search
K

409 matches found

Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.12 views

PT-2026-3033

Name of the Vulnerable Software and Affected Versions Chikitsa Patient Management System version 2.0.2 Description The software contains an authenticated remote code execution issue in the backup restoration functionality. An authenticated attacker can upload a modified backup zip file containing...

8.8CVSS6.6AI score0.0076EPSS
Exploits1References8
GithubExploit
GithubExploit
added 2026/01/11 7:48 p.m.532 views

SweetRice-CMS-1.5.1-RCE-Exploit

SweetRice CMS 1.5.1 RCE Exploit Overview SweetRice CMS 1.5...

7.8AI score
Exploits0
GithubExploit
GithubExploit
added 2025/12/24 7:50 a.m.250 views

Poultry-Farm-Management-System-v1.0-RCE-POC

Poultry Farm Management System v1.0 - RCE Exploit Vulnera...

8.8AI score
Exploits0
OSV
OSV
added 2025/12/23 8:15 p.m.6 views

CVE-2021-47736

CMSimpleXH 1.7.4 contains an authenticated remote code execution vulnerability in the content editing functionality that allows administrative users to upload malicious PHP files. Attackers with valid credentials can exploit the CSRF token mechanism to create a PHP shell file that enables arbitra...

8.6CVSS8.3AI score0.00926EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/12/16 8:44 p.m.6 views

CVE-2023-53892

Blackcat CMS 1.4 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the jquery plugin manager. Attackers can upload a zip file with a PHP shell script and execute arbitrary system commands by accessing the uploaded plugin'...

8.6CVSS8.6AI score0.00783EPSS
Exploits1References1
OSV
OSV
added 2025/12/15 8:28 p.m.5 views

CVE-2023-53892 Blackcat CMS 1.4 Remote Code Execution via Jquery Plugin Manager

Blackcat CMS 1.4 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the jquery plugin manager. Attackers can upload a zip file with a PHP shell script and execute arbitrary system commands by accessing the uploaded plugin'...

8.6CVSS6.8AI score0.00783EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/12/15 8:28 p.m.5 views

CVE-2023-53892 Blackcat CMS 1.4 Remote Code Execution via Jquery Plugin Manager

Blackcat CMS 1.4 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the jquery plugin manager. Attackers can upload a zip file with a PHP shell script and execute arbitrary system commands by accessing the uploaded plugin'...

8.6CVSS8.3AI score0.00783EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/12/15 8:28 p.m.22 views

CVE-2023-53892 Blackcat CMS 1.4 Remote Code Execution via Jquery Plugin Manager

Blackcat CMS 1.4 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the jquery plugin manager. Attackers can upload a zip file with a PHP shell script and execute arbitrary system commands by accessing the uploaded plugin'...

8.6CVSS0.00783EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/15 12:0 a.m.7 views

PT-2025-51310

Name of the Vulnerable Software and Affected Versions Blackcat CMS version 1.4 Description Blackcat CMS version 1.4 has a remote code execution issue. Authenticated administrators can upload malicious PHP files using the jquery plugin manager. An attacker can upload a zip file containing a PHP...

8.6CVSS8.3AI score0.00783EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/12/11 10:1 p.m.7 views

CVE-2024-58282

Serendipity 2.5.0 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the media upload functionality. Attackers can exploit the file upload mechanism by creating a PHP shell with a command execution form that enables...

8.6CVSS8.3AI score0.00892EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/12/10 9:13 p.m.3 views

CVE-2024-58280 CMSimple 5.15 Remote Command Execution via Extensions Configuration

CMSimple 5.15 contains a remote command execution vulnerability that allows authenticated attackers to modify file extensions and upload malicious PHP files. Attackers can append ',php' to Extensionsuserfiles and upload a shell script to the media directory to execute arbitrary code on the server...

8.6CVSS7.9AI score0.00823EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2025/10/21 6:2 p.m.9 views

Shopware vulnerable to path traversal via Plugin upload

Impact Malicious actors can exploit this vulnerability to write files within arbitrary directories on the filesystem of the Shopware web container. This could allow them to gain persistent shell access by uploading a PHP-shell file to an accessible folder. It is important to note that this...

7.2AI score
Exploits0References3Affected Software2
EUVD
EUVD
added 2025/10/07 12:30 a.m.14 views

EUVD-2021-11893

Malware in sbrugna...

7.5CVSS7.4AI score0.00811EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2012-1120

Malware in sbrugna...

6.8CVSS6.4AI score0.00629EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-4411

Malware in sbrugna...

7.2CVSS7.3AI score0.01495EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-7298

Malware in sbrugna...

9CVSS7AI score0.02206EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-1119

Malware in sbrugna...

3.5CVSS6.4AI score0.00925EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-27595

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.0148EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-33048

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.09183EPSS
Exploits4References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-37643

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.0193EPSS
Exploits1References1
Rows per page
Query Builder