Lucene search
K

20 matches found

Snyk
Snyk
added 2026/03/05 8:42 p.m.3 views

Improper Handling of Insufficient Permissions or Privileges

Overview Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges incomplete revocation of API key permissions during the user demotion process. An attacker can maintain unauthorized access to upload-request management and log viewing endpoin...

5.4CVSS5.8AI score0.00116EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/05 8:42 p.m.3 views

Improper Handling of Insufficient Permissions or Privileges

Overview Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges incomplete revocation of API key permissions during the user demotion process. An attacker can maintain unauthorized access to upload-request management and log viewing endpoin...

5.4CVSS5.8AI score0.00116EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-7171

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00451EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-4252

Malicious code in bioql PyPI...

6.5CVSS9.1AI score0.00333EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 10:7 p.m.8 views

CVE-2022-3771

A vulnerability, which was classified as critical, has been found in easyii CMS. This issue affects the function file of the file helpers/Upload.php of the component File Upload Management. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The identifier...

9.8CVSS6.8AI score0.00451EPSS
Exploits0
CNVD
CNVD
added 2022/11/02 12:0 a.m.15 views

easyii CMS code issue vulnerability

easyii CMS is a simple CMS for simple websites. easyii CMS has a security vulnerability that stems from a compromised function file in the helpers/Upload.php file of the component File Upload Management, which could lead to unrestricted uploads. No details of the vulnerability are currently...

1.7AI score0.00451EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2022/10/31 7:0 p.m.27 views

easyii CMS's File Upload Management vulnerable to unrestricted upload

This issue affects the function file of the file helpers/Upload.php of the component File Upload Management. The manipulation leads to unrestricted upload. The attack may be initiated remotely...

9.8CVSS9AI score0.00451EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/10/31 7:0 p.m.17 views

GHSA-VQVM-QRWH-69H7 easyii CMS's File Upload Management vulnerable to unrestricted upload

This issue affects the function file of the file helpers/Upload.php of the component File Upload Management. The manipulation leads to unrestricted upload. The attack may be initiated remotely...

9.8CVSS7.7AI score0.00451EPSS
Exploits0References3
Prion
Prion
added 2022/10/31 2:15 p.m.12 views

Design/Logic Flaw

A vulnerability, which was classified as critical, has been found in easyii CMS. This issue affects the function file of the file helpers/Upload.php of the component File Upload Management. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The identifier...

7.5CVSS9.5AI score0.00451EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/10/31 12:0 a.m.22 views

CVE-2022-3771 easyii CMS File Upload Management Upload.php file unrestricted upload

A vulnerability, which was classified as critical, has been found in easyii CMS. This issue affects the function file of the file helpers/Upload.php of the component File Upload Management. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The identifier...

6.3CVSS9.8AI score0.00451EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/31 12:0 a.m.7 views

CVE-2022-3771 easyii CMS File Upload Management Upload.php file unrestricted upload

A vulnerability, which was classified as critical, has been found in easyii CMS. This issue affects the function file of the file helpers/Upload.php of the component File Upload Management. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The identifier...

6.3CVSS6.6AI score0.00451EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/31 12:0 a.m.4 views

PT-2022-24045 · Unknown · Easyii Cms

Name of the Vulnerable Software and Affected Versions: easyii CMS affected versions not specified Description: A critical issue has been found in easyii CMS, affecting the function file of the file helpers/Upload.php of the component File Upload Management. The manipulation leads to unrestricted...

9.8CVSS9.3AI score0.00451EPSS
Exploits0References5
CNVD
CNVD
added 2021/10/11 12:0 a.m.6 views

Tad Uploader Cross-Site Scripting Vulnerability

Tad Uploader is a file upload management module by the individual developer of Tad in Taiwan, China. A cross-site scripting vulnerability exists in Tad Uploader, which stems from the failure of the add subject of the book list function in the product to properly filter certain special characters...

6.1CVSS6.3AI score0.00612EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/10/08 12:0 a.m.1 views

Tad Uploader 跨站脚本漏洞

Tad Uploader is a file upload management module by the individual developer of Tad in Taiwan, China. A cross-site scripting vulnerability exists in Tad Uploader, which stems from the failure of the add subject of the book list function in the product to properly filter certain special characters...

6.1CVSS6AI score0.00612EPSS
Exploits0References2
OSV
OSV
added 2018/11/26 7:29 a.m.2 views

CVE-2018-19556

zbsystem/admin/index.php?act=UploadMng in Z-BlogPHP 1.5 mishandles file preview, leading to content spoofing. NOTE: the software maintainer disputes that this is a vulnerability...

4.3CVSS5.8AI score0.01015EPSS
Exploits1References2
CNVD
CNVD
added 2018/11/26 12:0 a.m.6 views

Z-BlogPHP Content Spoofing Vulnerability

Z-BlogPHP is an open source PHP-based blogging system developed by the Z-Blog community. A security vulnerability exists in the zbsystem/admin/index.php?act=UploadMng URL in Z-BlogPHP version 1.5, which stems from the program not handling file previews correctly. An attacker can exploit the...

4.3CVSS4.9AI score0.01015EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2018/11/26 12:0 a.m.5 views

PT-2018-15001 · Z Blogphp · Z-Blogphp

Name of the Vulnerable Software and Affected Versions: Z-BlogPHP version 1.5 Description: The issue in Z-BlogPHP relates to the mishandling of file preview in the zb system/admin/index.php?act=UploadMng endpoint, potentially leading to content spoofing. However, it's noted that the software...

4.3CVSS4.9AI score0.01015EPSS
Exploits1References3
CNVD
CNVD
added 2018/04/14 12:0 a.m.1 views

Override Access Vulnerability in DCMS Upload Management Page

Xiamen Sanwu Internet Technology Co., Ltd. is China's first "cloud computing"-based enterprise informatization services listed on the Growth Enterprise Market GEM. An unauthorized access vulnerability exists in the DCMS upload management page. An attacker can exploit the vulnerability to gain...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2017/06/14 12:0 a.m.40 views

KBVault MySQL 0.16a - Arbitrary File Upload

KBVault MySQL 0.16a - Arbitrary File Upload Exploit Title: KBVault MySQL v0.16a - Unauthenticated File Upload to Run Code Google Dork: inurl:"FileExplorer/Explorer.aspx" Date: 2017-06-14 Exploit Author: Fatih Emiral Vendor Homepage: http://kbvaultmysql.codeplex.com/ Software Link:...

7.5CVSS0.1AI score0.04289EPSS
Exploits4
Cisco
Cisco
added 2013/10/16 6:21 p.m.23 views

Cisco Identity Services Engine File Space Denial of Service Vulnerability

A vulnerability in the file upload management of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to upload multiple files to a specific location of the filesystem and exhaust disk space. The vulnerability is due to insufficient management of filesystem free space...

6.8CVSS2.9AI score0.01061EPSS
Exploits0References1
Rows per page
Query Builder