143 matches found

Positive Technologies
added 2024/07/17 12:0 a.m. · 5 views

PT-2024-5457 · Cisco · Cisco Rv345 +1

Name of the Vulnerable Software and Affected Versions: Cisco RV340 and RV345 Dual WAN Gigabit VPN Routers (affected versions not specified)
Description: A vulnerability in the upload module could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This issue is...

CVSS 8.5 · AI score 8.1 · EPSS 0.00857
Exploits 0 · References 9

Positive Technologies
added 2023/12/20 12:0 a.m. · 6 views

PT-2023-19325 · Woorockets · Woorockets Corsa

Name of the Vulnerable Software and Affected Versions: WooRockets Corsa versions 1.5 and earlier
Description: The issue is related to an Unrestricted Upload of File with Dangerous Type vulnerability. This allows for the upload of files with potentially dangerous types, which could lead to securit...

CVSS 9.9 · AI score 8.5 · EPSS 0.00785
Exploits 0 · References 4

NVD
added 2023/07/20 11:15 p.m. · 17 views

CVE-2023-3800

A vulnerability was found in EasyAdmin8 2.0.2.2. It has been classified as problematic. Affected is an unknown function of the file /admin/index/index.html/admin/mall.goods/index.html of the component File Upload Module. The manipulation leads to unrestricted upload. The complexity of an attack i...

CVSS 6.6 · AI score 4.9 · EPSS 0.00557
Exploits 0 · References 3

Prion
added 2023/07/20 11:15 p.m. · 25 views

Design/Logic Flaw

A vulnerability was found in EasyAdmin8 2.0.2.2. It has been classified as problematic. Affected is an unknown function of the file /admin/index/index.html/admin/mall.goods/index.html of the component File Upload Module. The manipulation leads to unrestricted upload. The complexity of an attack i...

CVSS 3.7 · AI score 6.5 · EPSS 0.00557
Exploits 0 · References 3 · Affected Software 1

Cvelist
added 2023/07/20 11:0 p.m. · 22 views

CVE-2023-3800 EasyAdmin8 File Upload Module index.html unrestricted upload

A vulnerability was found in EasyAdmin8 2.0.2.2. It has been classified as problematic. Affected is an unknown function of the file /admin/index/index.html/admin/mall.goods/index.html of the component File Upload Module. The manipulation leads to unrestricted upload. The complexity of an attack i...

CVSS 3.9 · AI score 6.7 · EPSS 0.00557
Exploits 0 · References 3

Vulnrichment
added 2023/07/20 11:0 p.m. · 12 views

CVE-2023-3800 EasyAdmin8 File Upload Module index.html unrestricted upload

A vulnerability was found in EasyAdmin8 2.0.2.2. It has been classified as problematic. Affected is an unknown function of the file /admin/index/index.html/admin/mall.goods/index.html of the component File Upload Module. The manipulation leads to unrestricted upload. The complexity of an attack i...

CVSS 3.9 · AI score 6.5 · EPSS 0.00557
Exploits 0 · References 3

Positive Technologies
added 2023/07/20 12:0 a.m. · 5 views

PT-2023-26244 · Unknown · Easyadmin8

Name of the Vulnerable Software and Affected Versions: EasyAdmin8 version 2.0.2.2
Description: A vulnerability has been found in the File Upload Module of EasyAdmin8, affecting an unknown function of the file /admin/index/index.html/admin/mall.goods/index.html. This issue leads to unrestricted...

CVSS 6.6 · AI score 4.5 · EPSS 0.00557
Exploits 0 · References 5

ATTACKERKB
added 2023/07/06 3:15 p.m. · 4 views

CVE-2023-37135

A stored cross-site scripting (XSS) vulnerability in the Image Upload module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVSS 5.4 · AI score 6.2 · EPSS 0.00297
Exploits 1 · References 2

NVD
added 2023/07/06 3:15 p.m. · 13 views

CVE-2023-37135

A stored cross-site scripting (XSS) vulnerability in the Image Upload module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVSS 5.4 · AI score 5.3 · EPSS 0.00297
Exploits 1 · References 1

OSV
added 2023/07/06 3:15 p.m. · 3 views

CVE-2023-37135

A stored cross-site scripting (XSS) vulnerability in the Image Upload module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVSS 5.4 · AI score 5.9 · EPSS 0.00297
Exploits 1 · References 1

Prion
added 2023/07/06 3:15 p.m. · 19 views

Cross site scripting

A stored cross-site scripting (XSS) vulnerability in the Image Upload module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVSS 4.9 · AI score 5.2 · EPSS 0.00297
Exploits 1 · References 1 · Affected Software 1

Github Security Blog
added 2022/05/17 12:1 a.m. · 8 views

Connect-Multiparty allows arbitrary file upload

An arbitrary file upload vulnerability in the file upload module of Express Connect-Multiparty 2.2.0 allows attackers to execute arbitrary code via a crafted PDF file. NOTE: the Supplier has not verified this vulnerability report...

CVSS 7.8 · AI score 7.7 · EPSS 0.01244
Exploits 1 · References 5 · Affected Software 1

Prion
added 2022/05/16 2:15 p.m. · 16 views

Design/Logic Flaw

An arbitrary file upload vulnerability in the file upload module of Tiddlywiki5 v5.2.2 allows attackers to execute arbitrary code via a crafted SVG file...

CVSS 7.5 · AI score 9.5 · EPSS 0.02409
Exploits 1 · References 4 · Affected Software 1

Prion
added 2022/05/16 2:15 p.m. · 20 views

Design/Logic Flaw

An arbitrary file upload vulnerability in the file upload module of Graphql-upload v13.0.0 allows attackers to execute arbitrary code via a crafted filename...

CVSS 7.5 · AI score 9.5 · EPSS 0.01615
Exploits 1 · References 1 · Affected Software 1

CVE
added 2022/05/16 1:28 p.m. · 62 views

CVE-2022-29354

CVE-2022-29354 concerns Keystone CMS, version 4.2.1. The vulnerability is in the File Upload module, where an arbitrary file upload allows an attacker to execute arbitrary code via a crafted file. The description and connected sources confirm the affected software/component and the risk of remote...

CVSS 9.8 · AI score 9.4 · EPSS 0.0241
Exploits 1 · References 1 · Affected Software 1

CNNVD
added 2022/05/16 12:0 a.m. · 4 views

Keystone code issue vulnerability

Keystone is a powerful CMS designed to help you build and scale faster than any other CMS or application framework. A security vulnerability exists in Keystone version 4.2.1, which stems from an arbitrary file upload issue in the File Upload module. An attacker can execute arbitrary code via a...

CVSS 9.8 · AI score 8.8 · EPSS 0.0241
Exploits 1 · References 2

OSV
added 2022/04/15 7:15 p.m. · 4 views

CVE-2022-28113

An issue in upload.csp of FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows attackers to write files and reset the user passwords without having a valid session cookie...

CVSS 7.2 · AI score 5.8 · EPSS 0.03697
Exploits 2 · References 4

Github Security Blog
added 2022/04/13 12:0 a.m. · 103 views

Unrestricted Upload of File with Dangerous Type in Strapi

An arbitrary file upload vulnerability in the file upload module of Strapi v4.1.5 allows attackers to execute arbitrary code via a crafted file...

CVSS 9.8 · AI score 7 · EPSS 0.03018
Exploits 1 · References 3 · Affected Software 1

OSV
added 2022/04/13 12:0 a.m. · 21 views

GHSA-9QGM-W87Q-HX89 Unrestricted Upload of File with Dangerous Type in Strapi

An arbitrary file upload vulnerability in the file upload module of Strapi v4.1.5 allows attackers to execute arbitrary code via a crafted file...

CVSS 9.8 · AI score 9.6 · EPSS 0.03018
Exploits 1 · References 3

Prion
added 2022/04/12 5:15 p.m. · 14 views

Design/Logic Flaw

An arbitrary file upload vulnerability in the file upload module of Strapi v4.1.5 allows attackers to execute arbitrary code via a crafted file...

CVSS 7.5 · AI score 9.5 · EPSS 0.03018
Exploits 1 · References 2 · Affected Software 1