Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Cvelist
Cvelistadded 2011/01/28 8:29 p.m.13 views

CVE-2011-0678

Unrestricted file upload vulnerability in the EasyEdit module in Lomtec ActiveWeb Professional 3.0 allows remote attackers to execute arbitrary code by uploading an executable file via the UploadDirectory and Accepted Extensions fields in the getImagefile component of EasyEdit.cfm...

7.7AI score0.22372EPSS
Exploits1References7
CVE
CVEadded 2011/01/28 8:29 p.m.42 views

CVE-2011-0678

CVE-2011-0678 affects Lomtec ActiveWeb Professional 3.0, via the EasyEdit module. The Unrestricted file upload vulnerability exists in the getImagefile component (EasyEdit.cfm), allowing an attacker to upload an executable file through UploadDirectory and Accepted Extensions fields to achieve rem...

6.8CVSS8AI score0.22372EPSS
Exploits1References7Affected Software1
securityvulns
securityvulnsadded 2011/01/28 12:0 a.m.43 views

Lomtec ActiveWeb Professional 3.0 CMS Allows Arbitrary File Upload and Execution as SYSTEM in ColdFusion (2010-WEB-002) (CERT VU#528212)

------------------------------------------------------------------------------------- www.ExploitDevelopment.com 2010-WEB-002 CERT VU870532 Security Focus BID 45985 ------------------------------------------------------------------------------------- TITLE: Lomtec ActiveWeb Professional 3.0 CMS...

0.5AI score
Exploits0
Packet Storm
Packet Stormadded 2011/01/27 12:0 a.m.25 views

Lomtec ActiveWeb Professional 3.0 CMS Shell Upload / SYSTEM Execution

------------------------------------------------------------------------------------- www.ExploitDevelopment.com 2010-WEB-002 CERT VU870532 Security Focus BID 45985 ------------------------------------------------------------------------------------- TITLE: Lomtec ActiveWeb Professional 3.0 CMS...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2011/01/25 12:0 a.m.15 views

ActiveWeb Professional 3.0 - Arbitrary File Upload

ActiveWeb Professional 3.0 - Arbitrary File Upload source: https://www.securityfocus.com/bid/45985/info ActiveWeb Professional is prone to an arbitrary-file-upload vulnerability because the application fails to adequately sanitize user-supplied input. An attacker may leverage this issue to upload...

Exploits0
Exploit DB
Exploit DBadded 2011/01/25 12:0 a.m.23 views

ActiveWeb Professional 3.0 - Arbitrary File Upload

source: https://www.securityfocus.com/bid/45985/info ActiveWeb Professional is prone to an arbitrary-file-upload vulnerability because the application fails to adequately sanitize user-supplied input. An attacker may leverage this issue to upload arbitrary files to the affected computer; successf...

7.4AI score
Exploits0
CERT
CERTadded 2011/01/25 12:0 a.m.15 views

Lomtec ActiveWeb Professional 3.0 CMS allows arbitrary file upload and execution

Overview Lomtec ActiveWeb Professional 3.0 web content management server allows unauthenticated users to upload arbitrary files. Description According to Lomtec's website: "Lomtec ActiveWeb offers an ideal solution for the creation, maintenance and administration of a Web site and its content. "...

8AI score
Exploits0References1
Rows per page
Query Builder