Lucene search

7 matches found

EUVD
added 2026/04/01 9:7 p.m. · 3 views

EUVD-2026-17656

AVideo: Video Publishing Workflow Bypass via Unauthorized overrideStatus Request Parameter...

CVSS 4.3 · AI score 5.8 · EPSS 0.00011
Exploits: 1 · References: 3

CVE
added 2026/03/31 8:57 p.m. · 6 views

CVE-2026-34740

WWBN AVideo (versions 26.0 and prior) contains a stored SSRF in the EPG link feature. Authenticated users with upload permissions can store arbitrary URLs that the server fetches on each EPG page visit. The URL validation relies only on PHP FILTER_VALIDATE_URL, which accepts internal network addr...

CVSS 6.5 · AI score 6 · EPSS 0.00013
Exploits: 1 · References: 1 · Affected Software: 1

OSV
added 2026/03/31 8:55 p.m. · 2 views

CVE-2026-34738 AVideo: Video Publishing Workflow Bypass via Unauthorized overrideStatus Request Parameter

WWBN AVideo is an open source video platform. In versions 26.0 and prior, AVideo's video processing pipeline accepts an overrideStatus request parameter that allows any uploader to set a video's status to any valid state, including "active" a. This bypasses the admin-controlled moderation and dra...

CVSS 4.3 · AI score 6 · EPSS 0.00011
Exploits: 1 · References: 3

Positive Technologies
added 2026/03/27 12:0 a.m. · 3 views

PT-2026-28340

Name of the Vulnerable Software and Affected Versions: Bludit versions prior to 3.18.3 Description: Bludit is susceptible to Stored Cross-Site Scripting (XSS) through its image upload feature. An authenticated attacker possessing content upload permissions—like Author, Editor, or Administrator—can...

CVSS 8.7 · AI score 5.9 · EPSS 0.00532
Exploits: 4 · References: 4

Snyk
added 2026/03/16 9:16 p.m. · 2 views

Arbitrary File Upload

Overview: admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Arbitrary File Upload through the UploadHandlerFile process. An attacker can execute arbitrary code on the server by uploading a...

CVSS 8.8 · AI score 6.3 · EPSS 0.00051
Exploits: 1 · References: 2

CNNVD
added 2025/06/10 12:0 a.m. · 2 views

OctoPrint Security Vulnerability

OctoPrint is an open source application from OctoPrint. It provides a fast web interface for controlling consumer 3D printers. A security vulnerability exists in OctoPrint 1.11.1 and earlier versions, which stems from improper file upload permissions and could lead to file disclosure...

CVSS 5.4 · AI score 6.4 · EPSS 0.00102
Exploits: 0 · References: 3

Positive Technologies
added 2024/07/04 12:0 a.m. · 4 views

PT-2024-28745 · Rejetto · Rejetto Hfs

Name of the Vulnerable Software and Affected Versions: rejetto HFS aka HTTP File Server versions 3 before 0.52.10 Description: The issue allows OS command execution by remote authenticated users who have Upload permissions. This occurs because a shell is used to execute df with execSync instead o...

CVSS 9.9 · AI score 7.2 · EPSS 0.78344
Exploits: 1 · References: 29