CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2032 matches found

OSV•added 2024/10/20 9:15 a.m.•1 views

CVE-2024-49331

Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Property Lot Management System allows Upload a Web Shell to a Web Server.This issue affects Property Lot Management System: from n/a through 4.2.38...

8.8CVSS5.8AI score0.00632EPSS

Exploits0References1

OSV•added 2024/10/20 9:15 a.m.•1 views

CVE-2024-49324

Unrestricted Upload of File with Dangerous Type vulnerability in Sovratec Sovratec Case Management allows Upload a Web Shell to a Web Server.This issue affects Sovratec Case Management: from n/a through 1.0.0...

9.8CVSS5.8AI score

Exploits0References1

Positive Technologies•added 2024/10/20 12:0 a.m.•2 views

PT-2024-33565 · Photokit · Photokit

Name of the Vulnerable Software and Affected Versions: photokit versions n/a through 1.0 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling a user to upload a web shell to a web server. This can be exploited to gain unauthorized access to the server...

10CVSS7.2AI score0.00578EPSS

Exploits0References9

Packet Storm•added 2024/10/17 12:0 a.m.•398 views

SofaWiki 3.9.2 Shell Upload

Exploit Title: SofaWiki 3.9.2 - Remote Code Execution RCE via Open Ticket File Upload Date: 10/17/2024 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.sofawiki.com Software Link: https://www.sofawiki.com/site/files/snapshot.zip Version: 3.9.2 Tested on: Windows XP Summary: A remote co...

7.4AI score

Exploits0

0day.today•added 2024/10/07 12:0 a.m.•153 views

MD-Pro 1.0.76 Shell Upload / SQL Injection Vulnerability

Exploit Title: MD-Pro 1.0.76. SQL injection + shell upload Google Dork: intext: Powered by MD-Pro Exploit Author: Emiliano Febbi Vendor Homepage: https://www.opensourcecms.com/wp-content/uploads/MDPro-website-description.png Software Link: https://www.opensourcecms.com/mdpro/ Version: 1.0.76...

7.4AI score

Exploits0

Packet Storm•added 2024/10/04 12:0 a.m.•329 views

MD-Pro 1.0.76 Shell Upload / SQL Injection

Exploit Title: MD-Pro 1.0.76. SQL injection + shell upload Google Dork: intext: Powered by MD-Pro Date: 2024-08-30 Exploit Author: Emiliano Febbi Vendor Homepage: https://www.opensourcecms.com/wp-content/uploads/MDPro-website-description.png Software Link: https://www.opensourcecms.com/mdpro/...

7.4AI score

Exploits0

Packet Storm•added 2024/10/04 12:0 a.m.•247 views

Transport Management System 1.0 Code Injection

============================================================================================================================================= | Title : Transport Management System 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

7.4AI score

Exploits0

Packet Storm•added 2024/10/03 12:0 a.m.•360 views

WordPress GiveWP Donation Fundraising Platform 3.14.1 Code Injection

============================================================================================================================================= | Title : WordPress GiveWP Donation Fundraising Platform 3.14.1 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro /...

7.4AI score

Exploits0

Packet Storm•added 2024/10/03 12:0 a.m.•222 views

AVideo 12.4 Code Injection

============================================================================================================================================= | Title : AVideo 12.4 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64 bits ...

7.4AI score

Exploits0

Packet Storm•added 2024/10/01 12:0 a.m.•222 views

Student Attendance Management System 1.0 Code Injection

============================================================================================================================================= | Title : Student Attendance Management System 1.0 code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

7.4AI score

Exploits0

Packet Storm•added 2024/09/26 12:0 a.m.•226 views

School Log Management System 1.0 Code Injection

============================================================================================================================================= | Title : School Log Management System 1.0 code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score

Exploits0

Packet Storm•added 2024/09/11 12:0 a.m.•338 views

Profiling System 1.0 Shell Upload

============================================================================================================================================= | Title : Profiling System 1.0 code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64...

7.4AI score

Exploits0

Packet Storm•added 2024/09/10 12:0 a.m.•285 views

Online Marriage Registration System 1.0 Shell Upload

============================================================================================================================================= | Title : Online Marriage Registration System 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...

7.4AI score

Exploits0

Packet Storm•added 2024/09/06 12:0 a.m.•237 views

C-MOR Video Surveillance 5.2401 Remote Shell Upload

Advisory ID: SYSS-2024-026 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401 Tested Versions: 5.2401 Vulnerability Type: Unrestricted Upload of File with Dangerous Type CWE-434 Risk Level: High Solution Status: Fixed Manufacturer Notification: 2024-04-05...

8.8CVSS7.1AI score0.00458EPSS

Exploits2

Positive Technologies•added 2024/08/29 12:0 a.m.•3 views

PT-2024-38945 · Gether Technology · 6Shr System

Name of the Vulnerable Software and Affected Versions: 6SHR system from Gether Technology affected versions not specified Description: The 6SHR system from Gether Technology does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload web shell scrip...

8.8CVSS8AI score0.01928EPSS

Exploits0References11

Packet Storm•added 2024/08/29 12:0 a.m.•202 views

eClass LMS 6.2.0 Insecure Settings / Shell Upload

==================================================================================================================================== | Title : eClass LMS v6.2.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | |...

7.4AI score

Exploits0

Packet Storm•added 2024/08/23 12:0 a.m.•239 views

Crime Complaints Reporting Management System 1.0 Shell Upload

============================================================================================================================================= | Title : Crime Complaints Reporting Management System 1.0 code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...

7.4AI score

Exploits0

Packet Storm•added 2024/08/23 12:0 a.m.•339 views

CMSsite 1.0 Shell Upload

============================================================================================================================================= | Title : CMSsite 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits ...

7.4AI score

Exploits0