Lucene search
K

2192 matches found

Positive Technologies
Positive Technologies
added 2024/12/06 12:0 a.m.6 views

PT-2024-35926 · Unknown · Wdesignkit

Name of the Vulnerable Software and Affected Versions: WDesignkit versions 1.0.0 through 1.0.40 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited to gain unauthorized access to the...

6.6CVSS7.6AI score0.00305EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2024/12/05 12:45 p.m.317 views

Exploit for Unrestricted Upload of File with Dangerous Type in Chamilo Chamilo_Lms

CVE-2023-4220-exploit Carga de archivos sin restricciones en...

8.1CVSS7AI score0.76084EPSS
Exploits27
VulnCheck KEV
VulnCheck KEV
added 2024/12/05 12:0 a.m.2 views

VulnCheck KEV: CVE-2023-4220

Unrestricted file upload in big file upload functionality in /main/inc/lib/javascript/bigupload/inc/bigUpload.php in Chamilo LMS = v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell...

8.1CVSS6.3AI score0.76084EPSS
Exploits27References1
NVD
NVD
added 2024/12/02 2:15 p.m.8 views

CVE-2024-52476

Unrestricted Upload of File with Dangerous Type vulnerability in Stefan Bohacek Fediverse Embeds fediverse-embeds allows Upload a Web Shell to a Web Server.This issue affects Fediverse Embeds: from n/a through = 1.5.3...

10CVSS0.00527EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/02 1:48 p.m.20 views

CVE-2024-52476 WordPress Fediverse Embeds plugin <= 1.5.3 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Stefan Bohacek Fediverse Embeds fediverse-embeds allows Upload a Web Shell to a Web Server.This issue affects Fediverse Embeds: from n/a through = 1.5.3...

10CVSS0.00527EPSS
Exploits0References1
CVE
CVE
added 2024/12/02 1:48 p.m.48 views

CVE-2024-52476

CVE-2024-52476 describes an Unrestricted Upload of File with Dangerous Type in the WordPress plugin Fediverse Embeds (versions

10CVSS7.2AI score0.00527EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/28 10:42 a.m.10 views

CVE-2024-52490 WordPress Pathomation plugin <= 2.5.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in pathomation Pathomation pathomation allows Upload a Web Shell to a Web Server.This issue affects Pathomation: from n/a through = 2.5.1...

10CVSS7.4AI score0.00562EPSS
Exploits0References1
CVE
CVE
added 2024/11/28 10:42 a.m.64 views

CVE-2024-52490

CVE-2024-52490 affects the WordPress Pathomation plugin (versions

10CVSS7.4AI score0.00562EPSS
In wildExploits0References1
Positive Technologies
Positive Technologies
added 2024/11/28 12:0 a.m.6 views

PT-2024-35331 · Unknown · Pathomation

Name of the Vulnerable Software and Affected Versions: Pathomation versions n/a through 2.5.1 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited by uploading harmful files...

10CVSS9.6AI score0.00562EPSS
Exploits0References6
NVD
NVD
added 2024/11/19 5:15 p.m.14 views

CVE-2024-52402

Cross-Site Request Forgery CSRF vulnerability in gunghoinc Exclusive Content Password Protect exclusive-content-password-protect allows Upload a Web Shell to a Web Server.This issue affects Exclusive Content Password Protect: from n/a through = 1.1.0...

9.6CVSS0.00781EPSS
Exploits1References1
NVD
NVD
added 2024/11/19 5:15 p.m.15 views

CVE-2024-52401

Cross-Site Request Forgery CSRF vulnerability in HuangYe WuDeng Hacklog DownloadManager hacklog-downloadmanager allows Upload a Web Shell to a Web Server.This issue affects Hacklog DownloadManager: from n/a through = 2.1.4...

9.6CVSS0.00255EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/19 4:32 p.m.12 views

CVE-2024-52401 WordPress Hacklog DownloadManager plugin <=2.1.4 - CSRF to Arbitrary File Upload vulnerability

Cross-Site Request Forgery CSRF vulnerability in 荒野无灯 Hacklog DownloadManager allows Upload a Web Shell to a Web Server.This issue affects Hacklog DownloadManager: from n/a through 2.1.4...

9.6CVSS9.2AI score0.00255EPSS
Exploits0References1
CVE
CVE
added 2024/11/19 4:32 p.m.46 views

CVE-2024-52401

CVE-2024-52401 affects Hacklog DownloadManager plugin (WordPress). A CSRF to Arbitrary File Upload vulnerability exists in versions 2.1.4 and earlier. The CVE entry notes a high-impact flaw (CVSS v3.1: 9.6, network vector, no privileges, user interaction required, changed scope, complete confiden...

9.6CVSS7.2AI score0.00255EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/19 4:32 p.m.24 views

CVE-2024-52401 WordPress Hacklog DownloadManager plugin <=2.1.4 - CSRF to Arbitrary File Upload vulnerability

Cross-Site Request Forgery CSRF vulnerability in HuangYe WuDeng Hacklog DownloadManager hacklog-downloadmanager allows Upload a Web Shell to a Web Server.This issue affects Hacklog DownloadManager: from n/a through = 2.1.4...

9.6CVSS0.00255EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/19 4:32 p.m.18 views

CVE-2024-52402 WordPress Exclusive Content Password Protect plugin <= 1.1.0 - CSRF to Arbitrary File Upload vulnerability

Cross-Site Request Forgery CSRF vulnerability in Cliconomics Exclusive Content Password Protect allows Upload a Web Shell to a Web Server.This issue affects Exclusive Content Password Protect: from n/a through 1.1.0...

9.6CVSS9.2AI score0.00781EPSS
Exploits1References1
CVE
CVE
added 2024/11/19 4:32 p.m.80 views

CVE-2024-52402

CVE-2024-52402 concerns a CSRF to Arbitrary File Upload vulnerability in WordPress plugin Exclusive Content Password Protect (versions

9.6CVSS7.2AI score0.00781EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/11/19 12:0 a.m.6 views

PT-2024-35240 · Hacklog · Hacklog Downloadmanager

Name of the Vulnerable Software and Affected Versions: Hacklog DownloadManager versions 2.1.4 and earlier Description: A Cross-Site Request Forgery CSRF issue in Hacklog DownloadManager allows attackers to upload a web shell to a web server. This can be exploited by attackers to gain unauthorized...

9.6CVSS9.8AI score0.00255EPSS
Exploits0References5
OSV
OSV
added 2024/11/18 3:15 p.m.3 views

CVE-2024-52429

Unrestricted Upload of File with Dangerous Type vulnerability in Anton Hoelstad WP Quick Setup allows Upload a Web Shell to a Web Server.This issue affects WP Quick Setup: from n/a through 2.0...

8.8CVSS7.3AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/18 2:19 p.m.18 views

CVE-2024-52429 WordPress WP Quick Setup plugin <= 2.0 - Arbitrary Plugin and Theme Installation to Remote Code Execution vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in AntonHoelstad WP Quick Setup wp-quick-setup allows Upload a Web Shell to a Web Server.This issue affects WP Quick Setup: from n/a through = 2.0...

9.9CVSS7.2AI score0.00901EPSS
Exploits0References1
CVE
CVE
added 2024/11/18 2:19 p.m.54 views

CVE-2024-52429

CVE-2024-52429 affects WordPress WP Quick Setup plugin (

9.9CVSS7.2AI score0.00901EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder