Lucene search
K

425 matches found

CNNVD
CNNVD
added 2021/11/10 12:0 a.m.5 views

Publify 跨站脚本漏洞

Publify is a simple but full-featured web publishing software. A security vulnerability exists in Publify versions v8.0 through v9.2.4, which can be exploited by attackers to inject malicious JavaScript via an uploaded html file...

5.4CVSS5.7AI score0.00578EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2021/11/05 1:15 p.m.2 views

CVE-2021-42671

An incorrect access control vulnerability exists in Sourcecodester Engineers Online Portal in PHP in niamunozmonitoringsystem/admin/uploads. An attacker can leverage this vulnerability in order to bypass access controls and access all the files uploaded to the web server without the need of...

7.5CVSS5.8AI score0.19676EPSS
Exploits3References4
CNNVD
CNNVD
added 2021/11/05 12:0 a.m.4 views

Engineers Online Portal 访问控制错误漏洞

Sourcecodester Engineers Online Portal is an open source online portal. niamunozmonitoringsystem/admin/uploads of Sourcecodester Engineers Online Portal in PHP is vulnerable to An access control error vulnerability can be exploited to bypass access control and access all files uploaded to the web...

7.5CVSS5.7AI score0.19676EPSS
Exploits3References4
Huntr
Huntr
added 2021/10/13 6:35 a.m.9 views

in jspark311/buriedunderthenoisefloor

Description Uploaded files represent a significant risk to applications. The first step in many attacks is to get some code to the system to be attacked. Then the attack only needs to find a way to get the code executed. https://github.com/jspark311/BuriedUnderTheNoiseFloor/ is vulnerable to remo...

0.1AI score
Exploits0References2
OSV
OSV
added 2021/09/14 8:24 p.m.12 views

GHSA-GQCF-83RQ-GPFR Any storage file can be downloaded from p.sh if full server path is known

The default configuration for platform.sh .platform.app.yaml allows access to uploaded files if you know or can guess their location, regardless of whether roles grant content read access to the content containing those files. If you're using Legacy Bridge, the default configuration also allows...

7AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2021/09/14 8:24 p.m.38 views

Any storage file can be downloaded from p.sh if full server path is known

The default configuration for platform.sh .platform.app.yaml allows access to uploaded files if you know or can guess their location, regardless of whether roles grant content read access to the content containing those files. If you're using Legacy Bridge, the default configuration also allows...

3.5AI score
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2021/09/09 12:0 a.m.9 views

Dswjcms 代码问题漏洞

Dswjcms is for individuals and personal lending launched a free p2p open source project , based on Thinkphp architecture of the industry system , fully automated installation mode , quickly build a P2P website . Dswjcms 1.6.4 version of a security vulnerability , the vulnerability stems from...

9.8CVSS9AI score0.01603EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2021/08/18 9:13 a.m.3 views

spring-web: (re)creating the temporary storage directory could result in a privilege escalation within WebFlux application

In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by recreating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFl...

7.8CVSS7AI score0.00396EPSS
Exploits0References6
NVD
NVD
added 2021/08/17 11:15 p.m.25 views

CVE-2021-39250

Invision Community aka IPS Community Suite or IP-Board before 4.6.5.1 allows stored XSS, with resultant code execution, because an uploaded file can be placed in an IFRAME element within user-generated content. For code execution, the attacker can rely on the ability of an admin to install widget...

5.4CVSS0.00815EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/08/17 10:2 p.m.27 views

CVE-2021-39250

Invision Community aka IPS Community Suite or IP-Board before 4.6.5.1 allows stored XSS, with resultant code execution, because an uploaded file can be placed in an IFRAME element within user-generated content. For code execution, the attacker can rely on the ability of an admin to install widget...

5.7AI score0.00815EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/08/12 12:0 a.m.5 views

AikCms 代码问题漏洞

AikCms AikCms is a content management system CMS based on PHP and MySQL. A security vulnerability exists in AikCms version v2.0.0, which originates from uploaded files not validated in the background file management...

7.2CVSS7.1AI score0.00976EPSS
Exploits1References1
CNVD
CNVD
added 2021/07/14 12:0 a.m.54 views

Nextcloud Input Validation Error Vulnerability (CNVD-2022-20701)

An input validation error vulnerability exists in Nextcloud Server, which stems from the fact that DownloadResponse does not do security checks on uploaded file names, and could be exploited to trick users into downloading malicious files with normal file name...

8.8CVSS3.5AI score0.0137EPSS
Exploits0References1
OSV
OSV
added 2021/05/27 3:15 p.m.3 views

UBUNTU-CVE-2021-22118

In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by recreating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFl...

7.8CVSS6.9AI score0.00396EPSS
Exploits0References3
OSV
OSV
added 2021/05/05 3:15 p.m.2 views

PYSEC-2021-7

In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names...

7.5CVSS7.1AI score0.05291EPSS
Exploits0References7
OSV
OSV
added 2021/05/04 9:0 a.m.2 views

UBUNTU-CVE-2021-31542

In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names...

7.5CVSS7.1AI score0.05291EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/05/04 12:0 a.m.5 views

PT-2021-4548

Name of the Vulnerable Software and Affected Versions Django versions 2.2 through 2.2.20 Django versions 3.1 through 3.1.8 Django versions 3.2 through 3.2.0 Description The issue is related to the lack of restrictions on file uploads in the Django web application platform, specifically in the...

8.7CVSS6.7AI score0.05291EPSS
Exploits0References207
OSV
OSV
added 2021/04/12 2:15 p.m.3 views

CVE-2021-24224

The EFBPverifyuploadfile AJAX action of the Easy Form Builder WordPress plugin through 1.0, available to authenticated users, does not have any security in place to verify uploaded files, allowing low privilege users to upload arbitrary files, leading to RCE...

8.8CVSS7.4AI score0.01906EPSS
Exploits2References2
Github Security Blog
Github Security Blog
added 2021/04/08 6:11 p.m.73 views

Directory Traversal in Django

In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability...

5.3CVSS3.4AI score0.03865EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2021/04/06 3:15 p.m.27 views

CVE-2021-28658

In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability...

5.3CVSS5.2AI score
Exploits0References6
PyPA
PyPA
added 2021/04/06 3:15 p.m.6 views

PYSEC-2021-6

In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability...

5.3CVSS7.1AI score0.03865EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder