Lucene search
+L

86 matches found

Cvelist
Cvelist
added 6 days ago30 views

CVE-2026-58409 ChurchCRM: Authenticated Remote Code Execution (RCE) via Malicious Plugin Upload

ChurchCRM is an open-source church management system. Prior to version 7.4.0, an authenticated administrator can achieve Remote Code Execution RCE on the server by installing a malicious plugin ZIP archive containing a PHP webshell. The application explicitly includes 'php' in its ALLOWEDEXTENSIO...

9.1CVSS0.00456EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago3 views

CVE-2026-58409

ChurchCRM is an open-source church management system. Prior to version 7.4.0, an authenticated administrator can achieve Remote Code Execution RCE on the server by installing a malicious plugin ZIP archive containing a PHP webshell. The application explicitly includes 'php' in its ALLOWEDEXTENSIO...

9.1CVSS6.2AI score0.00456EPSS
Exploits0References2Affected Software1
OSV
OSV
added 6 days ago4 views

CVE-2026-58409 ChurchCRM: Authenticated Remote Code Execution (RCE) via Malicious Plugin Upload

ChurchCRM is an open-source church management system. Prior to version 7.4.0, an authenticated administrator can achieve Remote Code Execution RCE on the server by installing a malicious plugin ZIP archive containing a PHP webshell. The application explicitly includes 'php' in its ALLOWEDEXTENSIO...

9.1CVSS6.2AI score0.00456EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.12 views

CVE-2026-37748

Visitor Management System 1.0 by sanjay1313 is vulnerable to Unrestricted File Upload in vms/php/adminuserinsert.php and vms/php/update1.php. The moveuploadedfile function is called without any MIME type, extension, or content validation, allowing an authenticated admin to upload a PHP webshell a...

7.2CVSS5.7AI score0.00807EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2026/05/16 6:51 p.m.253 views

Exploit for CVE-2026-38526

CVE-2026-38526 | Krayin CRM v2.2.x Authenticated RCE - Unrestr...

9.9CVSS6.5AI score0.02759EPSS
Exploits11
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.13 views

PT-2026-40811

Name of the Vulnerable Software and Affected Versions CubeCart versions prior to 6.7.0 Description An authenticated arbitrary file upload flaw exists in the REST API File Manager endpoint "POST /api/v1/files". Users possessing an API key with files:rw permissions can upload PHP source files to th...

9.1CVSS6.3AI score0.00585EPSS
Exploits0References5
CVE
CVE
added 2026/05/09 7:44 p.m.35 views

CVE-2026-42605

AzuraCast (prior to 0.23.6) has a path traversal remote code execution flaw in the media upload flow. The currentDirectory parameter in FlowUploadAction is not sanitized, allowing an authenticated user with media permissions to place files outside the station media directory when using local file...

8.8CVSS6.5AI score0.00832EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/05/09 7:44 p.m.4 views

CVE-2026-42605 AzuraCast: Path Traversal in `currentDirectory` Parameter Enables Remote Code Execution via Media Upload

AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the currentDirectory request parameter in the Flow.js media upload endpoint POST /api/station/stationid/files/upload is not sanitized for path traversal sequences. When combined with a local filesystem...

8.8CVSS6.6AI score0.00832EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/05/07 2:20 a.m.13 views

CVE-2026-6249

Vvveb CMS 1.0.8.2 contains a remote code execution vulnerability in its media upload handler that allows authenticated attackers to execute arbitrary operating system commands by uploading a PHP webshell with a .phtml extension. Attackers can bypass the extension deny-list and upload malicious...

8.8CVSS6.7AI score0.00624EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2026/05/07 12:0 a.m.81 views

Bludit CMS 3.18.4 - RCE

Exploit Title: Bludit CMS 3.18.4 - RCE Date: 2026-03-28 Exploit Author: Yahia Hamza https://yh.do Vendor Homepage: https://www.bludit.com/ Software Link: https://github.com/bludit/bludit/archive/refs/tags/3.18.2.zip Version: Bludit . The uploadFile function performs no file extension or content...

8.8CVSS5.8AI score0.01919EPSS
Exploits4
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.16 views

PT-2026-37204

Name of the Vulnerable Software and Affected Versions AzuraCast versions prior to 0.23.6 Description An issue exists in the Flow.js media upload endpoint 'POST /api/station/station id/files/upload' where the currentDirectory request parameter is not sanitized for path traversal sequences. When...

8.8CVSS6.5AI score0.00832EPSS
Exploits1References11
Vulnrichment
Vulnrichment
added 2026/04/30 4:8 p.m.4 views

CVE-2022-50993 Weaver E-office < 10.0_20221201 Unauthenticated Arbitrary File Read via XmlRpcServlet

Weaver Fanwei E-office versions prior to 10.020221201 contain an unauthenticated arbitrary file upload vulnerability in the OfficeServer.php endpoint that allows remote attackers to upload malicious files by sending multipart POST requests with arbitrary filenames and disguised content types...

9.8CVSS6.7AI score0.00774EPSS
Exploits0References4
CVE
CVE
added 2026/04/30 4:8 p.m.20 views

CVE-2022-50993

CVE-2022-50993 affects Weaver (Fanwei) E-office, prior to version 10.0_20221201. The OfficeServer.php endpoint is vulnerable to unauthenticated arbitrary file upload, allowing remote attackers to POST multipart data with arbitrary filenames and disguised content types to upload PHP web shells int...

9.8CVSS6.8AI score0.00774EPSS
In wildExploits0References4
Cvelist
Cvelist
added 2026/04/21 12:0 a.m.37 views

CVE-2026-37748

Visitor Management System 1.0 by sanjay1313 is vulnerable to Unrestricted File Upload in vms/php/adminuserinsert.php and vms/php/update1.php. The moveuploadedfile function is called without any MIME type, extension, or content validation, allowing an authenticated admin to upload a PHP webshell a...

0.00807EPSS
Exploits1References2
CVE
CVE
added 2026/04/21 12:0 a.m.19 views

CVE-2026-37748

CVE-2026-37748 affects Visitor Management System 1.0 by sanjay1313. The vulnerability is an Unrestricted File Upload in vms/php/admin_user_insert.php and vms/php/update_1.php, where move_uploaded_file() runs without MIME type, extension, or content validation. This allows an authenticated admin t...

7.2CVSS5.9AI score0.00807EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/20 7:57 p.m.6 views

CVE-2026-6249

Vvveb CMS 1.0.8.2 contains a remote code execution vulnerability in its media upload handler that allows authenticated attackers to execute arbitrary operating system commands by uploading a PHP webshell with a .phtml extension. Attackers can bypass the extension deny-list and upload malicious...

8.8CVSS6.7AI score0.00624EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/20 7:57 p.m.3 views

CVE-2026-6249 Vvveb CMS 1.0.8.2 Remote Code Execution via Media Upload

Vvveb CMS 1.0.8.2 contains a remote code execution vulnerability in its media upload handler that allows authenticated attackers to execute arbitrary operating system commands by uploading a PHP webshell with a .phtml extension. Attackers can bypass the extension deny-list and upload malicious...

8.8CVSS6.7AI score0.00624EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/20 7:22 p.m.8 views

CVE-2026-40484

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the database backup restore functionality extracts uploaded archive contents and copies files from the Images/ directory into the web-accessible document root using recursiveCopyDirectory, which performs no file...

9.1CVSS6.3AI score0.00867EPSS
Exploits0References1
NVD
NVD
added 2026/04/18 12:16 a.m.5 views

CVE-2026-40484

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the database backup restore functionality extracts uploaded archive contents and copies files from the Images/ directory into the web-accessible document root using recursiveCopyDirectory, which performs no file...

9.1CVSS0.00867EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/17 11:25 p.m.4 views

CVE-2026-40484 ChurchCRM: Authenticated Remote Code Execution via Unrestricted PHP File Write in Database Restore Function

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the database backup restore functionality extracts uploaded archive contents and copies files from the Images/ directory into the web-accessible document root using recursiveCopyDirectory, which performs no file...

9.1CVSS6.3AI score0.00867EPSS
Exploits0References3
Rows per page
Query Builder