Lucene search
K

30 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/10 12:12 p.m.6 views

CVE-2022-50944

Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through the image parameter. Attackers can upload PHP files with embedded code to the admin posts.php endpoint with source=addpost parameter, a...

8.8CVSS6.1AI score0.00347EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.10 views

PT-2026-39473

Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through the image parameter. Attackers can upload PHP files with embedded code to the admin posts.php endpoint with source=add post parameter,...

8.8CVSS6.1AI score0.00347EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.9 views

Cisco Enterprise Chat and Email 安全漏洞

Cisco Enterprise Chat and Email is a corporate chat and email solution provided by Cisco, Inc. This product primarily offers email, chat, and web callback features for other Cisco solutions. There is a security vulnerability in Cisco Enterprise Chat and Email, which stems from insufficient...

4.3CVSS5.8AI score0.00125EPSS
Exploits0References1
OSV
OSV
added 2026/02/17 10:18 p.m.5 views

CVE-2025-36183

IBM watsonx.data 2.2 through 2.2.1 IBM Lakehouse could allow a privileged user to upload malicious files that could be executed server to modify limited files or data...

2.7CVSS5.8AI score0.00185EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/17 7:27 p.m.4 views

CVE-2025-36598

Dell Avamar, versions prior to 19.12 with patch 338905, contains an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in the Security. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to upload malicious...

6.5CVSS5.6AI score0.00325EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.7 views

PT-2026-20255

Name of the Vulnerable Software and Affected Versions Dell Avamar versions prior to 19.12 with patch 338905 Description Dell Avamar contains an Improper Limitation of a Pathname to a Restricted Directory vulnerability, also known as a 'Path Traversal' issue, in the Security component. A...

6.5CVSS5.5AI score0.00325EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2026/02/17 12:0 a.m.4 views

VulnCheck KEV: CVE-2024-7694

ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system command on the server...

7.2CVSS6.1AI score0.01807EPSS
In wildExploits0References2
RedhatCVE
RedhatCVE
added 2026/02/05 7:26 a.m.4 views

CVE-2026-23704

A non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be executed on the administrator's browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life EOL, are affected by the vulnerability as well...

6.5CVSS6.6AI score0.00202EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 5:15 p.m.5 views

CVE-2021-47888

Textpattern versions prior to 4.8.3 contain an authenticated remote code execution vulnerability that allows logged-in users to upload malicious PHP files. Attackers can upload a PHP file with a shell command execution payload and execute arbitrary commands by accessing the uploaded file through ...

8.8CVSS0.00602EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 8:43 a.m.7 views

CVE-2022-33166

IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 228586...

7.2CVSS6.1AI score0.00787EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/17 12:0 a.m.5 views

PT-2025-51959

Name of the Vulnerable Software and Affected Versions SitemagicCMS version 4.4.3 Description The software contains a remote code execution issue that allows attackers to upload malicious PHP files to the 'files/images' directory. An attacker can upload a .phar file containing a system command...

9.8CVSS8.4AI score0.00807EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/11/13 9:8 a.m.3 views

CVE-2025-12872

The a+HRD and a+HCM developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing authenticated remote attackers to upload files containing malicious JavaScript code, which will execute on the client side when a user is tricked into visiting a specific URL...

5.4CVSS6AI score0.00175EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-9890

Malicious code in bioql PyPI...

9.1CVSS9.1AI score0.00587EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-25993

Malicious code in bioql PyPI...

9CVSS8.6AI score0.03902EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-17476

Malicious code in bioql PyPI...

10CVSS6.5AI score0.00442EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-54660

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00622EPSS
Exploits0References1
NVD
NVD
added 2025/05/19 6:15 p.m.13 views

CVE-2025-26872

Unrestricted Upload of File with Dangerous Type vulnerability in dkszone Eximius allows Using Malicious Files.This issue affects Eximius: from n/a through 2.2...

9.9CVSS0.00428EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/01 12:0 a.m.4 views

Elastic Kibana 安全漏洞

Elastic Kibana is an available data visualization dashboard software from Elastic. A security vulnerability exists in Elastic Kibana versions prior to 8.13.0 that stems from insufficient server-side validation resulting in an authenticated attacker being able to upload malicious files...

4.3CVSS6.5AI score0.00274EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/04 3:58 p.m.27 views

CVE-2025-32118 WordPress CMP – Coming Soon & Maintenance plugin <= 4.1.14 - Remote Code Execution (RCE) vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in NiteoThemes CMP – Coming Soon & Maintenance cmp-coming-soon-maintenance allows Using Malicious Files.This issue affects CMP – Coming Soon & Maintenance: from n/a through = 4.1.14...

9.1CVSS0.00587EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 11:45 p.m.6 views

CVE-2022-41217

Cloudflow contains a unauthenticated file upload vulnerability, which makes it possible for an attacker to upload malicious files to the CLOUDFLOW PROOFSCOPE built-in storage...

9.8CVSS6.9AI score0.00692EPSS
Exploits0References1
Rows per page
Query Builder