Lucene search
+L

8324 matches found

Nuclei
Nuclei
added 8 hours ago12 views

WordPress File Manager <= 7.2.1 - Directory Traversal

File Manager and File Manager Pro plugins for WordPress versions up to 7.2.1 and 8.3.4 contain a directory traversal caused by the 'target' parameter in mkfilefoldermanageractioncallbackshortcode, letting attackers read arbitrary files and upload files outside designated directories, exploit...

9.9CVSS8.4AI score0.06009EPSS
Exploits0References2
Nuclei
Nuclei
added 8 hours ago22 views

Adning Advertising <= 1.5.5 - Arbitrary File Upload

The Adning Advertising plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ninguploadimage function in versions up to, and including, 1.5.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites...

9.8CVSS9.4AI score0.06944EPSS
Exploits1References4
Nuclei
Nuclei
added 8 hours ago169 views

MinIO - Incomplete Signature Validation for Unsigned-Trailer Uploads

MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. The signature component of the authorization may be invalid, which would mean that as a client you can use any arbitrary secret to upload objects given the user already has prior WRITE permissions on...

8.7CVSS7.4AI score0.02421EPSS
Exploits0References2
Nuclei
Nuclei
added yesterday45 views

Ninja Forms File Uploads <= 3.3.26 - Arbitrary File Upload

Ninja Forms File Uploads plugin for WordPress versions up to and including 3.3.26 is vulnerable to unauthenticated arbitrary file upload which could lead to remote code execution. id: CVE-2026-0740 info: name: Ninja Forms File Uploads = 3.3.26 - Arbitrary File Upload author: whattheslime severity...

9.8CVSS7.2AI score0.54254EPSS
Exploits8References2
Nuclei
Nuclei
added yesterday85 views

Cisco VPN Routers - Unauthenticated Arbitrary File Upload

A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to insufficient authorization enforcement...

9.8CVSS6.8AI score0.88874EPSS
Exploits0References5
EUVD
EUVD
added yesterday6 views

EUVD-2026-44877

The Customer Reviews for WooCommerce WordPress plugin before 5.113.0 does not perform authentication, capability, or nonce checks on one of its media upload AJAX actions when the review media attachment feature is enabled, allowing unauthenticated users to upload media files bounded to an image a...

6.5CVSS6.1AI score0.00191EPSS
Exploits0References1
NVD
NVD
added 2 days ago6 views

CVE-2026-61684

FastGPT is a knowledge-based AI application platform. In 4.15.0-beta4, FastGPT plugin invoke reverse-call endpoints under /api/invoke/ authenticate only by verifying a JWT signed with INVOKETOKENSECRET, which defaults to the constant string token and was not set in official deployment templates. ...

8.8CVSS0.00295EPSS
Exploits0References4
CVE
CVE
added 2 days ago8 views

CVE-2026-61457

CVE-2026-61457 : The Grav API plugin (getgrav/grav-plugin-api) before 1.0.3 is vulnerable to a file upload extension bypass in the API media controller. The validation in HandlesMediaUploads::validateFileExtension() only checks the final extension via pathinfo($filename, PATHINFO_EXTENSION); a us...

8.8CVSS6.3AI score0.00464EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-11579

The Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin before 2.4.17 does not verify that a file upload is made against an existing form configured with a file-upload field, accepting uploads regardless of whether any such form exists, which allows unauthenticated users to upload...

6.2AI score0.00237EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago9 views

EUVD-2026-44592

The Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin before 2.4.17 does not verify that a file upload is made against an existing form configured with a file-upload field, accepting uploads regardless of whether any such form exists, which allows unauthenticated users to upload...

5.3CVSS6.2AI score0.00237EPSS
Exploits0References1
NVD
NVD
added 3 days ago7 views

CVE-2026-15305

Users were able to upload files with arbitrary MIME types to forms using FileUpload or ImageUpload elements with allowedMimeTypes configured. The restriction was not enforced server-side because the MimeTypeValidator was registered during form building before concrete form definition properties...

6.3CVSS0.00174EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 3 days ago4 views

CVE-2026-15305

Users were able to upload files with arbitrary MIME types to forms using FileUpload or ImageUpload elements with allowedMimeTypes configured. The restriction was not enforced server-side because the MimeTypeValidator was registered during form building before concrete form definition properties...

6.3CVSS6.2AI score0.00174EPSS
Exploits0References4Affected Software1
CVE
CVE
added 3 days ago8 views

CVE-2026-15305

The CVE affects TYPO3 CMS versions 14.2.0–14.3.5. Root cause: MimeTypeValidator is registered during form building before concrete form definition properties are applied, so the server-side enforcement of allowedMimeTypes is bypassed and users can upload files with arbitrary MIME types via FileUp...

6.3CVSS6.2AI score0.00174EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago8 views

Malicious code in eth-wallet-helpers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 517d465272a3a1d252e83e178bb263a1ccf600b42fed6d5aa1d110b9141fc77a On require of index.js, a delayed IIFE reads test/fixtures/keypairs.dat, base64-decodes it into /.cache-db/.node-sync/syncd.js mode 0o700, and spawns...

6.1AI score
Exploits0References4
EUVD
EUVD
added 3 days ago8 views

EUVD-2026-43577

Cockpit CMS contains a path traversal vulnerability in the Bucket file storage API /system/buckets/api. The api method in modules/System/Controller/Buckets.php sanitizes the bucket name with pregreplace'/^a-zA-Z0-9-\./','', $bucket, which permits '..' and '../' sequences. The sanitized value is...

8.8CVSS6.1AI score0.00389EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 3 days ago6 views

PT-2026-58720

Name of the Vulnerable Software and Affected Versions Podlove Podcast Publisher versions prior to 4.5.2 Description Missing file type validation in the podlove handle cache files function allows unauthenticated attackers to upload arbitrary files to the server. This flaw in the image cache can le...

9.8CVSS6.4AI score0.01079EPSS
Exploits3References6
CVE
CVE
added 4 days ago8 views

CVE-2026-57856

Cockpit CMS exposes a path traversal in the Bucket file storage API (/system/buckets/api). The api() function sanitizes the bucket name with a regex that still allows ".." and "../" sequences, which are then interpolated into uploads://buckets/{bucket} and not blocked by Flysystem’s WhitespacePat...

8.8CVSS6.1AI score0.00389EPSS
Exploits0References5
NVD
NVD
added 4 days ago7 views

CVE-2026-49971

Laravel-Mediable before 7.0.0 contains a stored cross-site scripting vulnerability that allows authenticated or anonymous users to execute arbitrary JavaScript by uploading unsanitized SVG files containing embedded scripts in onload event handlers, script tags, or foreignObject elements. Attacker...

6.1CVSS0.00203EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 4 days ago4 views

CVE-2026-49971

Laravel-Mediable before 7.0.0 contains a stored cross-site scripting vulnerability that allows authenticated or anonymous users to execute arbitrary JavaScript by uploading unsanitized SVG files containing embedded scripts in onload event handlers, script tags, or foreignObject elements. Attacker...

6.1CVSS6.3AI score0.00203EPSS
Exploits0References4
CVE
CVE
added 4 days ago12 views

CVE-2026-49971

Laravel-Mediable before 7.0.0 has a stored XSS in SVG file uploads. Both authenticated and anonymous users can upload unsanitized SVG files containing scripts (onload handlers, script tags, or foreignObject) which can store persistent XSS payloads. When victims view or preview the SVG, the payloa...

6.1CVSS6.3AI score0.00203EPSS
Exploits0References3
Rows per page
Query Builder