Lucene search
K

8 matches found

Vulnrichment
Vulnrichment
added 2026/06/03 12:0 a.m.6 views

CVE-2026-37700

Cross Site Scripting vulnerability in MaxSite CMS v.109.2 allows a remote attacker to obtain sensitive information via the Backend page file upload endpoint used by adminpage...

5.8AI score0.00193EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/24 7:31 p.m.14 views

CVE-2025-2708 zhijiantianya ruoyi-vue-pro Backend File Upload Interface upload path traversal

A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1. This affects an unknown part of the file /admin-api/infra/file/upload of the component Backend File Upload Interface. The manipulation of the argument path leads to path traversal. It is possible to...

5.5CVSS0.00809EPSS
Exploits1References4
OSV
OSV
added 2024/09/18 9:15 p.m.4 views

CVE-2024-46373

Dedecms V5.7.115 contains an arbitrary code execution via file upload vulnerability in the backend...

8.8CVSS6.2AI score0.00491EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/09 1:48 p.m.29 views

CVE-2024-28190 Contao core bundle vulnerable to cross site scripting in the file manager

Contao is an open source content management system. Starting in version 4.0.0 and prior to version 4.13.40 and 5.3.4, users can inject malicious code in filenames when uploading files back end and front end, which is then executed in tooltips and popups in the back end. Contao versions 4.13.40 an...

5.4CVSS5.7AI score0.00502EPSS
Exploits0References4
OSV
OSV
added 2022/10/03 2:15 a.m.3 views

CVE-2022-40886

DedeCMS 5.7.98 has a file upload vulnerability in the background...

7.2CVSS5.8AI score0.01019EPSS
Exploits1References1
CNVD
CNVD
added 2020/05/04 12:0 a.m.2 views

Backend File Upload Vulnerability in phpSQLiteCMS

phpSQLiteCMS is an open source web content management system based on PHP and SQLite. A backend file upload vulnerability exists in phpSQLiteCMS, which can be exploited by attackers to gain control of a web server...

7.3AI score
Exploits0
CNVD
CNVD
added 2019/03/08 12:0 a.m.2 views

OFCMS backend editUploadImage method has file upload vulnerability

OFCMS is a content management system developed based on java technology. A file upload vulnerability exists in the editUploadImage method in the background of OFCMS, which can be exploited by an attacker to upload a webshell and gain access to the server, posing an information leakage and...

6.9AI score
Exploits0
CNVD
CNVD
added 2016/01/14 12:0 a.m.2 views

KingTop CMS -- Tupy Technology Backend File Upload Vulnerability

KingTop CMS is a set of easy to learn , simple operation of the open source content management system . KingTop CMS -- Tupy Technology backend file upload vulnerability , attackers can upload webshell through the vulnerability , so as to obtain sensitive information...

6.7AI score
Exploits0
Rows per page
Query Builder