Lucene search
K

28 matches found

Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.5 views

PT-2026-35959

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function save menu of the file /admin/admin class novo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. The attack is possible to be...

5.8CVSS4.8AI score0.00268EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-2213

Malware in sbrugna...

9CVSS6.4AI score0.02864EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-52944

Malicious code in bioql PyPI...

10CVSS8.9AI score0.00743EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-22422

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.06862EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-42906

Malicious code in bioql PyPI...

9.9CVSS6.5AI score0.00482EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-10667

Malicious code in bioql PyPI...

9.1CVSS9.2AI score0.00592EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-10465

Malicious code in bioql PyPI...

9.1CVSS9.1AI score0.00386EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-4778

Malicious code in bioql PyPI...

10CVSS6.6AI score0.00891EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/26 6:2 a.m.12 views

CVE-2025-9476 SourceCodester Human Resource Information System editemployee_process.php unrestricted upload

A vulnerability has been found in SourceCodester Human Resource Information System 1.0. Affected by this issue is some unknown functionality of the file /SuperadminDashboard/process/editemployeeprocess.php. Such manipulation of the argument employeefile201 leads to unrestricted upload. The attack...

7.5CVSS0.00455EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/05/23 3:52 a.m.9 views

CVE-2023-33404

An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code...

9.8CVSS7.3AI score0.25782EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/16 1:31 a.m.19 views

CVE-2025-4735 Campcodes Sales and Inventory System product.php unrestricted upload

A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /pages/product.php. The manipulation of the argument Picture leads to unrestricted upload. The attack can be launched...

6.5CVSS0.00335EPSS
Exploits1References5
NVD
NVD
added 2025/04/17 4:15 p.m.13 views

CVE-2025-32682

Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows Upload a Web Shell to a Web Server.This issue affects MapSVG: from n/a through = 8.6.4...

9.9CVSS0.00447EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/08/14 11:57 a.m.54 views

CVE-2024-39397 Adobe Commerce | Unrestricted Upload of File with Dangerous Type (CWE-434)

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker. An attacker could exploit this vulnerability by uploading a malicious file whic...

9CVSS0.01096EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/20 10:31 p.m.12 views

CVE-2024-5145 SourceCodester Vehicle Management System HTTP POST Request newdriver.php unrestricted upload

A vulnerability was found in SourceCodester Vehicle Management System up to 1.0 and classified as critical. This issue affects some unknown processing of the file /newdriver.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to unrestricted upload. The...

6.5CVSS7AI score0.00714EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/05/16 6:0 a.m.9 views

CVE-2024-4961 D-Link DAR-7000-40 onlineuser.php unrestricted upload

UNSUPPORTED WHEN ASSIGNED A vulnerability classified as critical was found in D-Link DAR-7000-40 V31R02B1413C. Affected by this vulnerability is an unknown functionality of the file /user/onlineuser.php. The manipulation of the argument fileupload leads to unrestricted upload. The attack can be...

6.5CVSS6.9AI score0.02311EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/05/02 12:0 a.m.29 views

Hitachi Energy's RTU500 series Unrestricted Upload of File with Dangerous Type (CVE-2024-1532)

A vulnerability exists in the stb-language file handling that affects the RTU500 series product versions listed below. A malicious actor could enforce diagnostic texts being displayed as empty strings, if an authorized user uploads a specially crafted stb-language file. This plugin only works wit...

6.8CVSS5.4AI score0.00568EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/03/27 12:0 a.m.3 views

PT-2024-22636 · Tumult · Tumult Hype Animations

Name of the Vulnerable Software and Affected Versions: Tumult Hype Animations versions 1.9.12 and earlier Description: The issue is related to an Unrestricted Upload of File with Dangerous Type, which affects Tumult Hype Animations. Recommendations: For versions 1.9.12 and earlier, update to a...

9.1CVSS7.1AI score0.00679EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/03/26 8:39 p.m.30 views

CVE-2023-38388 WordPress Jupiter X Core plugin <= 3.3.5 - Unauth. Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Artbees JupiterX Core.This issue affects JupiterX Core: from n/a through 3.3.5...

9CVSS9.3AI score0.01374EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/26 12:0 a.m.4 views

WordPress Plugin WP Githuber MD 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin WP Githuber MD suffer...

9.1CVSS8.9AI score0.00603EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/06 10:31 p.m.12 views

CVE-2024-1262 Juanpao JPShop API MaterialController.php actionUpdate unrestricted upload

A vulnerability, which was classified as critical, has been found in Juanpao JPShop up to 1.5.02. This issue affects the function actionUpdate of the file /api/controllers/merchant/design/MaterialController.php of the component API. The manipulation of the argument picurl leads to unrestricted...

6.5CVSS7.2AI score0.00592EPSS
Exploits0References3
Rows per page
Query Builder