Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Positive Technologies
Positive Technologiesadded 2025/03/21 12:0 a.m.2 views

PT-2025-12451 · Unknown · Lzcms-Laozhangbokexitong

Name of the Vulnerable Software and Affected Versions: LzCMS-LaoZhangBoKeXiTong versions up to 1.1.4 Description: A critical issue affects some unknown functionality of the file /admin/upload/upimage.html, specifically the HTTP POST Request Handler component. The manipulation of the File argument...

6.5CVSS6.3AI score0.00063EPSS
Exploits1References10
CNNVD
CNNVDadded 2024/10/11 12:0 a.m.2 views

07FLY CRM 安全漏洞

07FLY CRM is an OA office system of China Zero Takeoff 07FLY. A security vulnerability exists in 07FLY CRM version 1.3.8, which originates from the parameter file in the file /admin/SysModule/upload/ajaxmodel/upload/uploadfilepath/sysmodule1 that can lead to unrestricted uploads...

7.2CVSS5AI score0.00101EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2024/04/13 12:0 a.m.1 views

PT-2024-27516 · Unknown · Cym1102 Nginxwebui

Name of the Vulnerable Software and Affected Versions: cym1102 nginxWebUI versions up to 3.9.9 Description: A critical vulnerability was found in the cym1102 nginxWebUI, affecting unknown code of the file /adminPage/main/upload. The manipulation of the argument file leads to os command injection...

9.8CVSS7.1AI score0.01122EPSS
Exploits1References9
CNNVD
CNNVDadded 2023/05/25 12:0 a.m.1 views

PHPOK 代码问题漏洞

PHPOK is an enterprise building system that supports expansion. PHPOK version 6.4.100 suffers from an arbitrary file upload vulnerability, which stems from admin.php?c=upload&f=zip&noCache=0.1683794968 lack of valid validation of the uploaded file. An attacker can exploit this vulnerability to...

8.8CVSS7.5AI score0.00484EPSS
Exploits1References4
CNNVD
CNNVDadded 2022/10/17 12:0 a.m.1 views

74cms 代码问题漏洞

XUNYI TECHNOLOGY 74cms is a PHP and MySQL based online recruitment system from China Xunyi Technology Company. A security vulnerability exists in version 74cmsSE v3.13.0, which stems from the /apiadmin/upload/attach component that allows an attacker to upload arbitrary files, resulting in the...

9.8CVSS8.7AI score0.00801EPSS
Exploits1References2
CNNVD
CNNVDadded 2022/04/10 12:0 a.m.1 views

newbee-mall 代码问题漏洞

newbee-mall is an e-commerce system. newbee-mall v1.0.0 has a security vulnerability that can be exploited by attackers to upload arbitrary files via the upload function of /admin/goods/edit...

9.8CVSS5.8AI score0.00363EPSS
Exploits1References2
CNNVD
CNNVDadded 2021/09/13 12:0 a.m.3 views

KiteCMS 代码问题漏洞

KiteCMS is a content management system based on think php. An arbitrary file upload vulnerability exists in /admin/upload/uploadfile in KiteCMS version 1.1. An attacker can exploit the vulnerability getshell via a specially crafted PHP file...

7.8CVSS5.8AI score0.00201EPSS
Exploits1References2
CNVD
CNVDadded 2018/01/29 12:0 a.m.4 views

WordPress Splashing Images Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . Splashing Images wp-splashing-images is used in one of the image selection plugin . A cross-site scripting...

4.8CVSS6AI score0.00389EPSS
Exploits2References1
Rows per page
Query Builder