CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

150 matches found

NVD•added 2021/09/30 6:15 p.m.•9 views

CVE-2021-35199

NETSCOUT nGeniusONE 6.3.0 build 1196 and earlier allows Stored Cross-Site Scripting XSS in UploadFile...

5.4CVSS0.00354EPSS

Exploits0References1

OSV•added 2021/09/30 6:15 p.m.•0 views

CVE-2021-35199

NETSCOUT nGeniusONE 6.3.0 build 1196 and earlier allows Stored Cross-Site Scripting XSS in UploadFile...

5.4CVSS5.8AI score0.00354EPSS

Exploits0References1

Prion•added 2021/09/30 6:15 p.m.•10 views

Cross site scripting

NETSCOUT nGeniusONE 6.3.0 build 1196 and earlier allows Stored Cross-Site Scripting XSS in UploadFile...

3.5CVSS5.2AI score0.00354EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/09/30 5:57 p.m.•11 views

CVE-2021-35199

NETSCOUT nGeniusONE 6.3.0 build 1196 and earlier allows Stored Cross-Site Scripting XSS in UploadFile...

5.5AI score0.00354EPSS

Exploits0References1

CNNVD•added 2021/09/13 12:0 a.m.•3 views

KiteCMS 代码问题漏洞

KiteCMS is a content management system based on think php. An arbitrary file upload vulnerability exists in /admin/upload/uploadfile in KiteCMS version 1.1. An attacker can exploit the vulnerability getshell via a specially crafted PHP file...

7.8CVSS5.8AI score0.00201EPSS

Exploits1References2

OSV•added 2021/07/25 9:15 p.m.•0 views

CVE-2021-37467

In NCH Quorum v2.03 and earlier, XSS exists via /conferencebrowseuploadfile?confid= reflected...

5.4CVSS5.8AI score0.00206EPSS

Exploits1References2

NVD•added 2020/01/23 3:15 p.m.•16 views

CVE-2019-19839

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/cmdstat.jsp via the uploadFile attribute...

10CVSS9.6AI score0.04274EPSS

Exploits1References3

OSV•added 2020/01/23 3:15 p.m.•1 views

CVE-2019-19839

9.8CVSS7.5AI score

Exploits0References3

Prion•added 2020/01/23 3:15 p.m.•16 views

Command injection

10CVSS9.4AI score0.04274EPSS

Exploits1References3Affected Software2

Cvelist•added 2020/01/23 1:42 p.m.•12 views

CVE-2019-19839

9.6AI score0.04274EPSS

Exploits1References3

OSV•added 2019/08/06 11:15 p.m.•2 views

CVE-2019-14704

An SSRF issue was discovered in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 via FTP commands following a newline character in the uploadfile field...

9.8CVSS7.3AI score0.00577EPSS

Exploits0References3

NVD•added 2019/05/24 5:29 p.m.•9 views

CVE-2018-19612

The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code...

8.8CVSS8.8AI score0.0075EPSS

Exploits0References2

Prion•added 2019/05/24 5:29 p.m.•8 views

Code injection

The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code...

6.5CVSS8.7AI score0.0075EPSS

Exploits0References2

CVE•added 2019/05/24 4:44 p.m.•49 views

CVE-2018-19612

The CVE-2018-19612 issue affects Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers, where the /uploadfile? feature allows remote attackers to upload malicious file types and execute ASP code. The vulnerability originates from the upload functionality, enabling unauthenticated or unauthenticate...

8.8CVSS8.7AI score0.0075EPSS

Exploits0References2Affected Software1

Cvelist•added 2019/05/24 4:44 p.m.•11 views

CVE-2018-19612

The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code...

8.8AI score0.0075EPSS

Exploits0References2

CNVD•added 2019/05/24 12:0 a.m.•1 views

Westermo DR-260, DR-250 and MR-260 Code Issue Vulnerabilities

Westermo DR-260 and others are products of the Swedish company Westermo.Westermo DR-260 is a DSL router.Westermo DR-250 is a DSL router.Westermo MR-260 is a 3G multimedia router.Westermo MR-260 is a 3G multimedia router.Westermo MR-260 is a 3G multimedia router.Westermo MR-260 is a 3G multimedia...

8.8CVSS7.5AI score0.0075EPSS

Exploits0References1

OSV•added 2019/05/13 4:29 p.m.•0 views

CVE-2018-4027

An exploitable denial-of-service vulnerability exists in the XMLUploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a semaphore deadlock, which prevents the device from receiving any physical or...

7.5CVSS5.8AI score

Exploits0References1

CNVD•added 2019/03/07 12:0 a.m.•1 views

OFCMS backend ueditor uploadFile file upload vulnerability

OFCMS is a content management system based on Java technology. A backend ueditor uploadFile file upload vulnerability exists in versions of OFCMS prior to 1.1.3. The vulnerability stems from the blocking of .jsp and .jspx files that fails to take into account file.jsp::$DATA of the...

8.8CVSS7.6AI score0.02191EPSS

Exploits1References1

Openbugbounty•added 2017/07/01 3:39 p.m.•13 views

national.insurerbuild.co.nz XSS vulnerability

Vulnerable URL: http://national.insurerbuild.co.nz/upload/uploadfile.asp?attachtype=1"...

6.9AI score

Exploits0

seebug.org•added 2016/07/13 12:0 a.m.•27 views

WordPress WP-DownloadManager Plugin 1.68.1 arbitrary file upload vulnerability

Vulnerability file: download-add.php Vulnerability code: if ! empty $POST'do' checkadminreferer'wp-downloadmanageradd-file'; // Decide What To Do switch $POST'do' // Add File case 'Add File', 'wp-downloadmanager': $filetype = ! empty $POST'filetype' ? intval $POST'filetype' : 0; switch$filetype...

7.2AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by