Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2169 matches found

Cvelist
Cvelistadded 2026/01/06 8:56 p.m.26 views

CVE-2025-30996 Arbitrary File Upload Vulnerability in WordPress themes by Themify

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Sidepane WordPress Theme, Themify Themify Newsy, Themify Themify Folo, Themify Themify Edmin, Themify Bloggie, Themify Photobox, Themify Wigi, Themify Rezo, Themify Slide allows Upload a Web Shell to a Web Server.Thi...

9.9CVSS0.00195EPSS
Exploits0References9
Vulnrichment
Vulnrichmentadded 2026/01/06 8:56 p.m.4 views

CVE-2025-30996 WordPress Themify Newsy <= 1.9.9 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Newsy newsy allows Upload a Web Shell to a Web Server.This issue affects Themify Newsy: from n/a through = 1.9.9...

9.9CVSS7.3AI score0.00195EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/06 11:14 a.m.4 views

CVE-2025-31048

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4...

9.9CVSS4.6AI score0.00051EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/06 9:6 a.m.3 views

CVE-2025-15240

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

8.8CVSS8.2AI score0.0017EPSS
Exploits0References1
NVD
NVDadded 2026/01/05 11:17 a.m.3 views

CVE-2025-31048

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4...

9.9CVSS0.00051EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/01/05 10:27 a.m.2 views

CVE-2025-31048 WordPress Shopo <= 1.1.4 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4...

9.9CVSS6.5AI score0.00051EPSS
Exploits0References1
CVE
CVEadded 2026/01/05 10:27 a.m.8 views

CVE-2025-31048

CVE-2025-31048 affects WordPress plugin/theme Shopo (Themify Shopo) up to version 1.1.4, with an Unrestricted Upload of File with Dangerous Type vulnerability that can permit uploading a web shell to the server. The issue is described across multiple sources (NVD/Red Hat entries and Patchstack), ...

9.9CVSS4.6AI score0.00051EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/01/05 10:27 a.m.24 views

CVE-2025-31048 WordPress Shopo <= 1.1.4 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4...

9.9CVSS0.00051EPSS
Exploits0References1
OSV
OSVadded 2026/01/05 9:15 a.m.1 views

CVE-2025-15240

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

8.8CVSS6.4AI score0.0017EPSS
Exploits0References2
NVD
NVDadded 2026/01/05 9:15 a.m.1 views

CVE-2025-15240

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

8.8CVSS0.0017EPSS
Exploits0References2
CVE
CVEadded 2026/01/05 8:18 a.m.9 views

CVE-2025-15240

CVE-2025-15240 concerns Quanta Computer’s QOCA aim AI Medical Cloud Platform. Multiple trusted sources confirm an Arbitrary File Upload vulnerability that enables an authenticated remote attacker to upload and execute a WebShell backdoor, resulting in arbitrary code execution on the affected serv...

8.8CVSS7.9AI score0.0017EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/01/05 8:18 a.m.3 views

CVE-2025-15240 Quanta Computer|QOCA aim AI Medical Cloud Platform - Arbitrary File Upload

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

8.8CVSS7.9AI score0.0017EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/01/05 8:18 a.m.22 views

CVE-2025-15240 Quanta Computer|QOCA aim AI Medical Cloud Platform - Arbitrary File Upload

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

8.8CVSS0.0017EPSS
Exploits0References2
EUVD
EUVDadded 2026/01/05 8:18 a.m.3 views

EUVD-2026-0902

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

8.8CVSS7.8AI score0.0017EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/01/05 12:0 a.m.4 views

PT-2026-1235

Name of the Vulnerable Software and Affected Versions QOCA aim AI Medical Cloud Platform affected versions not specified Description The QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload issue. Authenticated remote attackers can upload and execute web...

8.8CVSS7.9AI score0.0017EPSS
Exploits0References9
Positive Technologies
Positive Technologiesadded 2026/01/05 12:0 a.m.3 views

PT-2026-1265

Name of the Vulnerable Software and Affected Versions Themify Shopo versions through 1.1.4 Description An unrestricted file upload issue exists in Themify Shopo, allowing the upload of a web shell to a web server. This allows for remote code execution. The vulnerability involves the upload of fil...

9.9CVSS7.9AI score0.00051EPSS
Exploits0References8
RedhatCVE
RedhatCVEadded 2025/12/31 5:6 p.m.2 views

CVE-2025-52835

Cross-Site Request Forgery CSRF vulnerability in ConoHa by GMO WING WordPress Migrator wing-migrator allows Upload a Web Shell to a Web Server.This issue affects WING WordPress Migrator: from n/a through = 1.2.0...

9.6CVSS5.9AI score0.00018EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/12/30 11:15 p.m.3 views

CVE-2025-68562

Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a Web Shell to a Web Server.This issue affects MapSVG: from n/a through 8.7.3...

9.9CVSS5.2AI score0.00051EPSS
Exploits0References1
GithubExploit
GithubExploitadded 2025/12/30 6:21 p.m.336 views

Exploit for CVE-2025-52691

CVE-2025-52691 PoC: SmarterMail Arbitrary File Upload RCE APT...

10CVSS8.8AI score0.8966EPSS
Exploits15
NVD
NVDadded 2025/12/30 5:15 p.m.3 views

CVE-2025-52835

Cross-Site Request Forgery CSRF vulnerability in ConoHa by GMO WING WordPress Migrator wing-migrator allows Upload a Web Shell to a Web Server.This issue affects WING WordPress Migrator: from n/a through = 1.2.0...

9.6CVSS0.00018EPSS
Exploits0References1
Rows per page
Query Builder