Lucene search
K

181 matches found

Positive Technologies
Positive Technologies
added 2024/05/14 12:0 a.m.5 views

PT-2024-3687 · Siemens · Ruggedcom Crossbow

Name of the Vulnerable Software and Affected Versions: RUGGEDCOM CROSSBOW versions prior to V5.5 Description: The issue is related to incorrect external control of a file name or path in the Firmware Upload Handler component of the RUGGEDCOM CROSSBOW system. This could allow a remote attacker to...

8.3CVSS8.2AI score0.01352EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/03/17 12:0 a.m.6 views

PT-2024-21065 · Unknown · Pandaxgo Pandax

Name of the Vulnerable Software and Affected Versions: PandaXGO PandaX up to 20240310 Description: A critical issue has been found in the File Extension Handler component, specifically in the /apps/system/router/upload.go file. The manipulation of the file argument leads to unrestricted upload...

9.8CVSS6.6AI score0.00604EPSS
Exploits0References7
NVD
NVD
added 2024/01/09 10:15 p.m.23 views

CVE-2024-0348

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been classified as problematic. Affected is an unknown function of the component File Upload Handler. The manipulation leads to resource consumption. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS5.1AI score0.01051EPSS
Exploits1References3
Prion
Prion
added 2024/01/09 10:15 p.m.16 views

Design/Logic Flaw

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been classified as problematic. Affected is an unknown function of the component File Upload Handler. The manipulation leads to resource consumption. It is possible to launch the attack remotely. The exploit has been...

4CVSS7.2AI score0.01051EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2024/01/09 10:0 p.m.46 views

CVE-2024-0348

The CVE-2024-0348 entry concerns SourceCodester Engineers Online Portal 1.0. The vulnerability affects the File Upload Handler component (an unknown function) and leads to resource consumption. The issue is exploitable remotely over the network, with the exploit publicly disclosed (VDB-250116). S...

6.5CVSS6.5AI score0.01051EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2024/01/09 12:0 a.m.6 views

Engineers Online Portal Resource Management Error Vulnerability

Engineers Online Portal is open source an online portal . It is developed using PHP, MySQL database, HTML, CSS, Javascript, jQuery, Ajax, Bootstrap and some other libraries. A resource management error vulnerability exists in SourceCodester Engineers Online Portal version 1.0, which stems from th...

6.5CVSS6.9AI score0.01051EPSS
Exploits1References4
NVD
NVD
added 2023/12/17 1:15 a.m.19 views

CVE-2023-6887

A vulnerability classified as critical has been found in saysky ForestBlog up to 20220630. This affects an unknown part of the file /admin/upload/img of the component Image Upload Handler. The manipulation of the argument filename leads to unrestricted upload. It is possible to initiate the attac...

9.8CVSS0.00908EPSS
Exploits1References3
Prion
Prion
added 2023/12/17 1:15 a.m.10 views

Design/Logic Flaw

A vulnerability classified as critical has been found in saysky ForestBlog up to 20220630. This affects an unknown part of the file /admin/upload/img of the component Image Upload Handler. The manipulation of the argument filename leads to unrestricted upload. It is possible to initiate the attac...

6.5CVSS7.2AI score0.00908EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/12/17 12:31 a.m.11 views

CVE-2023-6887 saysky ForestBlog Image Upload img unrestricted upload

A vulnerability classified as critical has been found in saysky ForestBlog up to 20220630. This affects an unknown part of the file /admin/upload/img of the component Image Upload Handler. The manipulation of the argument filename leads to unrestricted upload. It is possible to initiate the attac...

6.5CVSS6.9AI score0.00908EPSS
Exploits1References3
CVE
CVE
added 2023/12/17 12:31 a.m.70 views

CVE-2023-6887

CVE-2023-6887 affects saysky ForestBlog

9.8CVSS8.1AI score0.00908EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/17 12:0 a.m.5 views

PT-2023-32798 · Saysky · Sayski Forestblog

Name of the Vulnerable Software and Affected Versions: saysky ForestBlog up to 20220630 Description: A critical issue has been found in the Image Upload Handler component, affecting the /admin/upload/img file. The manipulation of the filename argument leads to unrestricted upload. This issue can ...

9.8CVSS6.4AI score0.00908EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/09/20 12:0 a.m.4 views

D-LINK DWL-6610 Command Injection Vulnerability

The D-Link DWL-6610 is a wireless access point from D-Link. A security vulnerability exists in the D-LINK DWL-6610 due to a command injection vulnerability in the configuploadhandler function. An attacker can use this vulnerability to execute arbitrary commands via the configRestore parameter...

9.8CVSS8.2AI score0.0231EPSS
Exploits1References2
OSV
OSV
added 2023/09/18 5:15 a.m.5 views

CVE-2023-5034

A vulnerability classified as problematic was found in SourceCodester My Food Recipe 1.0. This vulnerability affects unknown code of the file index.php of the component Image Upload Handler. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been...

9.8CVSS4.9AI score0.00644EPSS
Exploits0References3
Prion
Prion
added 2023/09/18 5:15 a.m.13 views

Out-of-bounds

A vulnerability classified as problematic was found in SourceCodester My Food Recipe 1.0. This vulnerability affects unknown code of the file index.php of the component Image Upload Handler. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been...

6.5CVSS9.5AI score0.00644EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/07/11 5:15 p.m.7 views

CVE-2023-3623

A vulnerability was found in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230704. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Duty/AjaxHandle/UploadHandler.ashx of the component Duty Module. The...

9.8CVSS5.4AI score0.00793EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/07/11 12:0 a.m.7 views

Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 代码问题漏洞

Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System is a flash flood prevention monitoring and early warning system from Suncreate. The Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System is vulnerable to a code issue in the file...

9.8CVSS6.9AI score0.00793EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/07/10 12:0 a.m.5 views

PT-2023-5381 · D Link · D-Link Dwl-6610Ap

Name of the Vulnerable Software and Affected Versions: D-LINK DWL-6610 version 4.3.0.8B003C Description: The issue is related to a command injection vulnerability in the config upload handler function. This vulnerability allows attackers to execute arbitrary commands via the configRestore...

9.8CVSS8.4AI score0.0231EPSS
Exploits1References7
NVD
NVD
added 2023/05/27 9:15 a.m.32 views

CVE-2023-2926

A vulnerability was found in SeaCMS 11.6 and classified as problematic. This issue affects some unknown processing of the file member.php of the component Picture Upload Handler. The manipulation of the argument oldpic leads to denial of service. The attack may be initiated remotely. The exploit...

6.5CVSS5.8AI score0.0087EPSS
Exploits1References3
Prion
Prion
added 2023/05/27 9:15 a.m.19 views

Design/Logic Flaw

A vulnerability was found in SeaCMS 11.6 and classified as problematic. This issue affects some unknown processing of the file member.php of the component Picture Upload Handler. The manipulation of the argument oldpic leads to denial of service. The attack may be initiated remotely. The exploit...

5.5CVSS6.5AI score0.0087EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/05/27 9:0 a.m.37 views

CVE-2023-2926 SeaCMS Picture Upload member.php denial of service

A vulnerability was found in SeaCMS 11.6 and classified as problematic. This issue affects some unknown processing of the file member.php of the component Picture Upload Handler. The manipulation of the argument oldpic leads to denial of service. The attack may be initiated remotely. The exploit...

5.5CVSS6.7AI score0.0087EPSS
Exploits1References3
Rows per page
Query Builder