Lucene search
K

143 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29650

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00767EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-31769

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.02081EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-24152

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00299EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/09/18 1:39 a.m.18 views

CVE-2025-57631

SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attacker to execute arbitrary code via the Add a file upload module...

9.8CVSS8.9AI score0.00767EPSS
Exploits1References1
NVD
NVD
added 2025/09/16 8:15 p.m.10 views

CVE-2025-57631

SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attacker to execute arbitrary code via the Add a file upload module...

9.8CVSS0.00767EPSS
Exploits1References4
OSV
OSV
added 2025/09/16 8:15 p.m.4 views

CVE-2025-57631

SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attacker to execute arbitrary code via the Add a file upload module...

9.8CVSS8.9AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/09/16 12:0 a.m.7 views

PT-2025-38072

Name of the Vulnerable Software and Affected Versions: TDuckCloud version 5.1 Description: A SQL Injection issue exists in TDuckCloud version 5.1, allowing a remote attacker to execute arbitrary code through the Add a file upload module. Recommendations: At the moment, there is no information abo...

9.8CVSS8AI score0.00767EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/09/16 12:0 a.m.2 views

CVE-2025-57631

SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attacker to execute arbitrary code via the Add a file upload module...

8.5AI score0.00767EPSS
Exploits1References4
CVE
CVE
added 2025/09/16 12:0 a.m.22 views

CVE-2025-57631

TDuckCloud CVE-2025-57631 is a SQL injection affecting TDuckCloud v5.1 through the file-upload module, enabling a remote attacker to execute arbitrary code. The CVE’s metrics show a high-severity, network-exploitable impact with no user interaction required. The available connected documents conf...

9.8CVSS8.5AI score0.00767EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/08/22 12:0 a.m.4 views

PT-2025-34490 · Salesforce · Tableau Desktop +1

Name of the Vulnerable Software and Affected Versions: Tableau Server and Tableau Desktop versions prior to 2025.1.3 Tableau Server and Tableau Desktop versions prior to 2024.2.12 Tableau Server and Tableau Desktop versions prior to 2023.3.19 Description: A 'Type Confusion' vulnerability exists i...

9.3CVSS10AI score0.1372EPSS
Exploits2References19
RedhatCVE
RedhatCVE
added 2025/08/13 3:28 p.m.8 views

CVE-2025-8859

A vulnerability was identified in code-projects eBlog Site 1.0. Affected by this vulnerability is an unknown functionality of the file /native/admin/save-slider.php of the component File Upload Module. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit...

8.8CVSS7.2AI score0.00299EPSS
Exploits1References1
NVD
NVD
added 2025/08/11 3:15 p.m.3 views

CVE-2025-8859

A vulnerability was identified in code-projects eBlog Site 1.0. Affected by this vulnerability is an unknown functionality of the file /native/admin/save-slider.php of the component File Upload Module. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit...

8.8CVSS0.00299EPSS
Exploits1References5
OSV
OSV
added 2025/08/11 3:15 p.m.4 views

CVE-2025-8859

A vulnerability was identified in code-projects eBlog Site 1.0. Affected by this vulnerability is an unknown functionality of the file /native/admin/save-slider.php of the component File Upload Module. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit...

8.8CVSS5.3AI score0.00299EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/08/11 2:32 p.m.8 views

CVE-2025-8859 code-projects eBlog Site File Upload save-slider.php unrestricted upload

A vulnerability was identified in code-projects eBlog Site 1.0. Affected by this vulnerability is an unknown functionality of the file /native/admin/save-slider.php of the component File Upload Module. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit...

6.5CVSS0.00299EPSS
Exploits1References5
CVE
CVE
added 2025/08/11 2:32 p.m.25 views

CVE-2025-8859

CVE-2025-8859 affects code-projects’ eBlog Site 1.0, specifically the File Upload Module function in the file /native/admin/save-slider.php. The vulnerability involves unrestricted file upload, reported as exploitable remotely. Public disclosure exists, and multiple sources reinforce that an atta...

8.8CVSS7.1AI score0.00299EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/28 12:0 a.m.2 views

PT-2025-5648 · Pimcore · Pimcore

Name of the Vulnerable Software and Affected Versions: PIMCORE affected versions not specified Description: A Stored Cross-Site Scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the PDF upload functionality. This can result in the execution of malicious script...

8.1CVSS5.9AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/11/20 12:0 a.m.13 views

PT-2024-35410 · Hkcms · Hkcms

Name of the Vulnerable Software and Affected Versions: HkCms versions prior to 2.3.2.240702 Description: The issue concerns a file upload vulnerability in the getFileName method located in /app/common/library/Upload.php. Recommendations: For versions prior to 2.3.2.240702, consider disabling the...

9.8CVSS6.9AI score0.00618EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/10/26 12:0 a.m.2 views

WordPress plugin WP Awesome Login 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS6.1AI score0.00317EPSS
Exploits0References2
NVD
NVD
added 2024/07/17 5:15 p.m.19 views

CVE-2024-20416

A vulnerability in the upload module of Cisco RV340 and RV345 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient boundary checks when processing specific HTTP requests. An attacker...

6.5CVSS0.00857EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/17 4:29 p.m.20 views

CVE-2024-20416

A vulnerability in the upload module of Cisco RV340 and RV345 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient boundary checks when processing specific HTTP requests. An attacker...

6.5CVSS0.00857EPSS
Exploits0References1
Rows per page
Query Builder