Lucene search

9 matches found

RedhatCVE
added 2025/12/24 12:48 a.m., 7 views

CVE-2025-51511

Cadmium CMS v.0.4.9 has a background arbitrary file upload vulnerability in /admin/content/filemanager/uploads...

9.8 CVSS, 7.2 AI score, 0.002 EPSS
Exploits: 1, References: 1

OSV
added 2025/09/04 12:15 p.m., 0 views

CVE-2025-41037

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataFileManagersearch' parameter in /apprain/admin/filemanager...

5.4 CVSS, 5.7 AI score
Exploits: 0, References: 1

Cvelist
added 2025/09/04 11:9 a.m., 2 views

CVE-2025-41037 Stored Cross-Site Scripting vulnerability in appRain CMF

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataFileManagersearch' parameter in /apprain/admin/filemanager...

5.1 CVSS, 0.0004 EPSS
Exploits: 0, References: 1

NVD
added 2024/09/17 1:15 p.m., 10 views

CVE-2024-46362

FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/filemanager/createdirectory...

8.8 CVSS, 0.00135 EPSS
Exploits: 1, References: 1

CNNVD
added 2022/05/23 12:0 a.m., 3 views

CSZCMS Code Issue Vulnerability

CSZCMS is an open source web application that allows managing all content and settings on a website. A security vulnerability exists in CSZCMS version 1.3.0 that originates from the leakage of sensitive data via local files in /admin/filemanager/connector/...

7.5 CVSS, 7.3 AI score, 0.00534 EPSS
Exploits: 1, References: 6

OSV
added 2021/08/19 7:15 p.m., 1 views

CVE-2020-20642

A Cross-Site Request Forgery (CSRF) vulnerability exists in EyouCMS 1.3.6 that can add an htm page to execute the js code via login.php?m=admin&c=Filemanager&a=newfile&lang=cn...

8.8 CVSS, 7.4 AI score
Exploits: 0, References: 1

OSV
added 2019/08/26 1:15 p.m., 0 views

CVE-2019-15524

CSZ CMS 1.2.3 allows arbitrary file upload, as demonstrated by a .php file to admin/filemanager in the File Management Module, which leads to remote code execution by visiting a photo/upload/2019/ URI...

9.8 CVSS, 7.9 AI score
Exploits: 0, References: 2

Tenable Nessus
added 2009/11/03 12:0 a.m., 20 views

osCommerce file_manager.php Arbitrary PHP Code Injection (intrusive check)

The version of osCommerce hosted on the remote web server allows a remote attacker to access the Admin filemanager utility without authentication. Further, this utility appears to allow arbitrary PHP code to be stored in files under the web server's document directory and then executed subject to...

5.8 AI score
Exploits: 0, References: 1

Prion
added 2008/06/30 6:24 p.m., 5 views

Authentication flaw

admin/filemanager/ aka the File Manager in EZTechhelp EZCMS 1.2 and earlier does not require authentication, which allows remote attackers to create, modify, read, and delete files...

7.5 CVSS, 7.2 AI score, 0.0608 EPSS
Exploits: 1, References: 4, Affected Software: 1