Lucene search
K

121 matches found

CVE
CVE
added 5 days ago13 views

CVE-2026-33560

The CVE-2026-33560 issue affects the DMP-5000 file service, where an authenticated user can upload files of any type without validation, because there is no file-extension filtering or content inspection, allowing executable binaries/scripts to be written to the server. The vulnerability stems fr...

8.4CVSS5.9AI score0.00341EPSS
Exploits0References2
NVD
NVD
added 2026/06/23 9:17 p.m.10 views

CVE-2026-47388

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a low-privilege MCP token holder with knowledge of an attachment path could read any file in shared storage, including attachments belonging to other bases and workspaces, because the MCP readAttachment tool did not...

2.3CVSS0.00209EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 5:17 p.m.8 views

CVE-2026-55447

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, by controlling a files that are digested into the RAG, an attacker can direct the node to read any file on the file-system by absolute path. All components based on BaseFileComponent are vulnerable to t...

9.6CVSS0.00411EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.13 views

CVE-2026-9067

The Schema & Structured Data for WP & AMP WordPress plugin before 1.60 does not check user capabilities on its frontend AJAX file-upload handlers and does not validate the actual content of uploaded files against the endpoint's intended media type, allowing unauthenticated users to upload any fil...

9.1CVSS5.5AI score0.00426EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/10 6:0 a.m.45 views

CVE-2026-9067 Schema & Structured Data for WP & AMP < 1.60 - Unauthenticated Arbitrary Media Upload

The Schema & Structured Data for WP & AMP WordPress plugin before 1.60 does not check user capabilities on its frontend AJAX file-upload handlers and does not validate the actual content of uploaded files against the endpoint's intended media type, allowing unauthenticated users to upload any fil...

0.00426EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:36 p.m.8 views

CVE-2026-41412

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5-2606, the alf.io extension sandbox injects a fully-functional HTTP client simpleHttpClient into every extension script's scope. The postFileAndSaveResponse method accep...

4.9CVSS5.5AI score0.00317EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 4:16 p.m.16 views

CVE-2026-35718

A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated attackers to read any file on the device via sending a crafted request...

6.5CVSS0.00741EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/02 12:0 a.m.38 views

CVE-2026-35718

A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated attackers to read any file on the device via sending a crafted request...

0.00741EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/02 12:0 a.m.7 views

CVE-2026-35718

A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated attackers to read any file on the device via sending a crafted request...

5.8AI score0.00741EPSS
Exploits0References3
NVD
NVD
added 2026/05/28 10:16 a.m.10 views

CVE-2025-48977

Relative Path Traversal vulnerability in Apache Ignite REST API. Authenticated REST API users can read any file on the server with "cmd=log" command and a log path crafted in a certain way. This issue affects Apache Ignite: from 2.0.0 through 2.17.0. Users are recommended to upgrade to version...

8.5CVSS0.00526EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Tassos Framework Plugin 访问控制错误漏洞

The Tassos Framework Plugin is a Joomla extension and functionality enhancement framework developed by Tassos Marinos. The Tassos Framework Plugin has a security vulnerability related to access control, which allows users to delete any file on the affected site...

9.3CVSS5.8AI score0.00267EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.13 views

Bludit 代码问题漏洞

Bludit is an open-source, lightweight blog content management system developed by Bludit. Bludit has code vulnerabilities that allow authenticated attackers to upload any type of file, potentially leading to remote code execution...

8.8CVSS6.1AI score0.01919EPSS
Exploits4References3
ATTACKERKB
ATTACKERKB
added 2026/03/26 6:0 a.m.2 views

CVE-2025-15433

The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server such as wp-config.php via a path traversal vector...

6.8CVSS5.8AI score0.0043EPSS
Exploits0References1
OSV
OSV
added 2026/03/17 11:51 p.m.5 views

CVE-2026-27895 LAM has incorrect regular expression in PDF export component that allows user to upload files of any type

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. Prior to version 9.5, the PDF export component does not correctly validate uploaded file extensions. This way any file type including .php files can be uploaded. With...

4.3CVSS6.4AI score0.00419EPSS
Exploits0References5
NVD
NVD
added 2026/03/02 1:16 p.m.6 views

CVE-2025-14532

DobryCMS's upload file functionality allows an unauthenticated remote attacker to upload files of any type and extension without restriction, which can result in Remote Code Execution. This issue was fixed in versions above 5.0...

9.8CVSS0.00536EPSS
Exploits0References1
CVE
CVE
added 2026/03/02 12:49 p.m.7 views

CVE-2025-14532

CVE-2025-14532 describes an unauthenticated file-upload flaw in DobryCMS that allows uploading files of any type/extension, enabling remote code execution. The NVD entry indicates a high-severity, network-accessible issue (CVSS v4.0-like metrics: base score 9.3; impacts to confidentiality, integr...

9.8CVSS6AI score0.00536EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.5 views

PT-2026-22581

Name of the Vulnerable Software and Affected Versions DobryCMS versions prior to 5.0 Description The software’s file upload functionality allows unauthenticated remote attackers to upload files of any type and extension without restriction. This can lead to Remote Code Execution. Recommendations...

9.8CVSS5.9AI score0.00536EPSS
Exploits0References8
OSV
OSV
added 2026/02/04 7:55 p.m.3 views

CVE-2026-25475 OpenClaw Vulnerable to Local File Inclusion via MEDIA: Path Extraction

OpenClaw is a personal AI assistant. Prior to version 2026.1.30, the isValidMedia function in src/media/parse.ts allows arbitrary file paths including absolute paths, home directory paths, and directory traversal sequences. An agent can read any file on the system by outputting MEDIA:/path/to/fil...

6.5CVSS5.5AI score0.00745EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/14 1:22 a.m.6 views

CVE-2026-0496

SAP Fiori App Intercompany Balance Reconciliation allows an attacker with high privileges to upload any file including script files without proper file format validation. This has low impact on confidentiality, integrity and availability of the application...

6.6CVSS7AI score0.00191EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/13 12:0 a.m.38 views

CVE-2025-69992

phpgurukul News Portal Project V4.1 has File Upload Vulnerability via upload.php, which enables the upload of files of any format to the server without identity authentication...

0.00508EPSS
Exploits1References1
Rows per page
Query Builder