Lucene search
K

51 matches found

CNNVD
CNNVD
added 2022/04/06 12:0 a.m.3 views

Dascom eZiosuite 代码问题漏洞

Dascom eZiosuite is a management system from the Chinese company Dascom. A security vulnerability exists in Dascom eZiosuite version 2.0.7, which can be exploited by attackers to upload arbitrary files...

8.8CVSS8AI score0.00961EPSS
Exploits1References2
NVD
NVD
added 2022/01/03 2:15 p.m.36 views

CVE-2021-45428

TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats...

9.8CVSS0.56931EPSS
Exploits5References2
IBM Security Bulletins
IBM Security Bulletins
added 2021/08/13 10:15 p.m.390 views

Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities

Summary IBM Data Risk Manager has addressed the following vulnerabilities: Vulnerability Details CVEID: CVE-2020-13871 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by a use-after-free in resetAccumulator in select.c. By sending a specially crafted request, a remote attacker...

10CVSS10.5AI score0.9927EPSS
Exploits182Affected Software1
OSV
OSV
added 2021/06/07 10:15 p.m.8 views

CVE-2021-3277

Nagios XI 5.7.5 and earlier allows authenticated admins to upload arbitrary files due to improper validation of the rename functionality in custom-includes component, which leads to remote code execution by uploading php files...

7.2CVSS7.7AI score0.54579EPSS
Exploits0References1
OSV
OSV
added 2021/01/04 2:15 p.m.2 views

CVE-2020-4928

IBM Cloud Pak System 2.3 could allow a local privileged attacker to upload arbitrary files. By intercepting the request and modifying the file extention, the attacker could execute arbitrary code on the server. IBM X-Force ID: 191705...

6.7CVSS6.1AI score0.00353EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/06/15 1:25 p.m.24 views

CVE-2020-4470

IBM Spectrum Protect Plus 10.1.0 through 10.1.5 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute arbitrary code on the vulnerable server. IBM X-Force ID: 181725...

7.1CVSS7.8AI score0.01911EPSS
Exploits0References3
CNVD
CNVD
added 2019/10/31 12:0 a.m.2 views

Zucchetti InfoBusiness Cross-Site Request Forgery Vulnerability

Zucchetti InfoBusiness is a business intelligence solution that uses multiple data to generate reports to measure company trends. A cross-site request forgery vulnerability exists in Zucchetti InfoBusiness 4.4.1 and earlier versions. An attacker can exploit this vulnerability to upload arbitrary...

8.8CVSS7.1AI score0.00457EPSS
Exploits0References1
CNVD
CNVD
added 2019/10/24 12:0 a.m.5 views

Sourcecodester Restaurant Management System Code Issue Vulnerability

Sourcecodester Restaurant Management System is a restaurant management system. A code issue vulnerability exists in version 1.0 of the Sourcecodester Restaurant Management System, which arises from a failure of the program to properly process user-submitted input and can be exploited by an attack...

8.8CVSS7.7AI score0.0173EPSS
Exploits1References1
OSV
OSV
added 2019/06/30 3:15 p.m.3 views

CVE-2019-11822

Relative path traversal vulnerability in SYNO.PhotoStation.File in Synology Photo Station before 6.8.11-3489 and before 6.3-2977 allows remote attackers to upload arbitrary files via the uploadphoto parameter...

6.5CVSS6.8AI score0.01292EPSS
Exploits0References1
OSV
OSV
added 2018/11/08 8:29 a.m.4 views

CVE-2018-19104

In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can be used to upload arbitrary files and get server privileges...

8.8CVSS5.9AI score0.00646EPSS
Exploits1References1
CNVD
CNVD
added 2016/04/14 12:0 a.m.45 views

ATutor LMS install_modules.php CSRF Remote Code Execution Vulnerability

ATutor is an open source Web-based learning content management system LCMS developed by the ATutor team. The system includes teaching content management, forums, chat rooms and other modules. A cross-site request forgery vulnerability exists in the installmodules.php file in versions prior to...

8.8CVSS9AI score0.04254EPSS
Exploits6References1
Rows per page
Query Builder