Lucene search
K

16 matches found

GithubExploit
GithubExploit
added 2026/05/26 12:50 p.m.71 views

Exploit for CVE-2026-5364

CVE-2026-5364 CVE-2026-5364 is a CVSS 8.1 High Unauthenticat...

8.1CVSS5.8AI score0.0106EPSS
Exploits1
Cvelist
Cvelist
added 2026/03/03 10:59 p.m.24 views

CVE-2026-28289 FreeScout 1.8.206 Patch Bypass for CVE-2026-27636 via Zero-Width Space Character Leads to Remote Code Execution

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. A patch bypass vulnerability for CVE-2026-27636 in FreeScout 1.8.206 and earlier allows any authenticated user with file upload permissions to achieve Remote Code Execution RCE on the server by uploading a maliciou...

10CVSS0.3114EPSS
Exploits3References2
EUVD
EUVD
added 2026/03/03 10:59 p.m.7 views

EUVD-2026-9347

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. A patch bypass vulnerability for CVE-2026-27636 in FreeScout 1.8.206 and earlier allows any authenticated user with file upload permissions to achieve Remote Code Execution RCE on the server by uploading a maliciou...

10CVSS6.1AI score0.3114EPSS
Exploits4References2
OSV
OSV
added 2025/10/27 3:15 a.m.5 views

CVE-2025-12203

A weakness has been identified in givanz Vvveb up to 1.0.7.3. This issue affects the function sanitizeFileName of the file system/functions.php of the component Code Editor. Executing a manipulation of the argument File can lead to path traversal. The attack can be launched remotely. The exploit...

4.9CVSS6AI score
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2025/10/27 2:2 a.m.5 views

CVE-2025-12203

A weakness has been identified in givanz Vvveb up to 1.0.7.3. This issue affects the function sanitizeFileName of the file system/functions.php of the component Code Editor. Executing a manipulation of the argument File can lead to path traversal. The attack can be launched remotely. The exploit...

6.5CVSS5.1AI score0.00357EPSS
Exploits1References6Affected Software1
EUVD
EUVD
added 2025/10/27 2:2 a.m.5 views

EUVD-2025-36065

A weakness has been identified in givanz Vvveb up to 1.0.7.3. This issue affects the function sanitizeFileName of the file system/functions.php of the component Code Editor. Executing manipulation of the argument File can lead to path traversal. The attack can be launched remotely. The exploit ha...

6.5CVSS6.4AI score0.00357EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.7 views

PT-2025-43861

Name of the Vulnerable Software and Affected Versions givanz Vvveb versions up to 1.0.7.3 Description A weakness exists in givanz Vvveb related to path traversal. This issue affects the sanitizeFileName function within the system/functions.php file of the Code Editor component. Manipulation of th...

6.5CVSS6.5AI score0.00357EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2016-6774

Malware in sbrugna...

7.5CVSS7.4AI score0.02574EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2016-5839

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WordPress before 4.5.3 allows remote attackers to bypass the sanitizefilename protection mechanism via unspecified vectors. CVE-2016-5839 Note that Nessus relie...

7.5CVSS7.3AI score0.02574EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/08/14 12:0 a.m.4 views

The vulnerabilities of the formatting.php and SanitizeFileName.php components of the WordPress content management system allow attackers to compromise data integrity.

The vulnerability of the formatting.php and SanitizeFileName.php components of the WordPress content management system is related to deficiencies in the security measures used to protect web page structures. Exploiting this vulnerability could allow an attacker to compromise the integrity of data...

5.4CVSS6.7AI score0.02092EPSS
Exploits0References4Affected Software2
UbuntuCve
UbuntuCve
added 2018/04/12 5:29 p.m.29 views

CVE-2018-1079

pcs before version 0.9.164 and 0.10 is vulnerable to a privilege escalation via authorized user malicious REST call. The REST interface of the pcsd service did not properly sanitize the file name from the /remote/putfile query. If the /etc/booth directory exists, an authenticated attacker with...

8.7CVSS7AI score0.01101EPSS
Exploits0References2
CNVD
CNVD
added 2016/07/01 12:0 a.m.3 views

WordPress Security Bypass Vulnerability (CNVD-2016-04465)

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security bypass vulnerability exists in WordPress 4.5.2 and earlier versions. A remote attacker can exploit...

7.5CVSS6.8AI score0.02574EPSS
Exploits0References1
OSV
OSV
added 2016/06/29 2:10 p.m.1 views

DEBIAN-CVE-2016-5839

WordPress before 4.5.3 allows remote attackers to bypass the sanitizefilename protection mechanism via unspecified vectors...

7.5CVSS7.3AI score0.02574EPSS
Exploits0References1
OSV
OSV
added 2016/06/29 2:10 p.m.2 views

UBUNTU-CVE-2016-5839

WordPress before 4.5.3 allows remote attackers to bypass the sanitizefilename protection mechanism via unspecified vectors...

7.5CVSS7.1AI score0.02574EPSS
Exploits0References4
Prion
Prion
added 2016/06/29 2:10 p.m.16 views

Design/Logic Flaw

WordPress before 4.5.3 allows remote attackers to bypass the sanitizefilename protection mechanism via unspecified vectors...

5CVSS7AI score0.02574EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2016/06/29 2:0 p.m.78 views

CVE-2016-5839

CVE-2016-5839 affects WordPress prior to 4.5.3, where the sanitize_file_name protection mechanism can be bypassed via unspecified vectors, enabling remote attackers to potentially bypass filename sanitization. Publicly documented in multiple advisories connected to WordPress, including Debian DSA...

7.5CVSS7.4AI score0.02574EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder