Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.16 views

EUVD-2019-8670

Malware in sbrugna...

9CVSS7AI score0.02332EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-19026

Malicious code in bioql PyPI...

10CVSS6.2AI score0.02417EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-38271

Malicious code in bioql PyPI...

8.8CVSS7.9AI score0.00242EPSS
Exploits0References1
NVD
NVD
added 2025/06/24 3:15 p.m.4 views

CVE-2025-32977

Quest KACE Systems Management Appliance SMA 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 Patch 5, and 14.1.x before 14.1.101 Patch 4 allows unauthenticated users to upload backup files to the system. While signature validation is implemented,...

9.6CVSS0.00906EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/10/16 6:43 a.m.12 views

CVE-2024-8746 File Manager Pro <= 8.3.9 - Unauthenticated Backup File Download and Upload

The File Manager Pro plugin for WordPress is vulnerable to arbitrary backup file downloads and uploads due to missing file type validation via the 'mkfilefoldermanagershortcode' ajax action in all versions up to, and including, 8.3.9. This makes it possible for unauthenticated attackers, if grant...

7.5CVSS8.2AI score0.00594EPSS
Exploits0References2
Prion
Prion
added 2023/03/31 10:15 p.m.21 views

Design/Logic Flaw

Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a backup file containing a modified "users.json" to the web server of the device, allowing him to replace the administrator password...

6.5CVSS8.9AI score0.01301EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2019/12/02 4:54 p.m.52 views

CVE-2019-19020

CVE-2019-19020 affects TitanHQ WebTitan up to version 5.17. An attacker with a valid WebTitan web interface account can upload a crafted backup file that allows arbitrary code execution by overwriting existing files or adding new PHP files under the web root. This results in remote code execution...

9CVSS7.3AI score0.02332EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/12/02 4:54 p.m.24 views

CVE-2019-19020

An issue was discovered in TitanHQ WebTitan before 5.18. In the administration web interface it is possible to upload a crafted backup file that enables an attacker to execute arbitrary code by overwriting existing files or adding new PHP files under the web root. This requires the attacker to ha...

7.3AI score0.02332EPSS
Exploits1References2
CNVD
CNVD
added 2019/10/28 12:0 a.m.2 views

Xiaomi Mi WiFi R3G Command Injection Vulnerability

The Xiaomi Mi WiFi R3G is a 3G router from the Chinese company Xiaomi Technology. A security vulnerability exists in the Xiaomi Mi WiFi R3G backup file upload handling, which allows remote attackers to exploit the vulnerability to submit a special request that can execute arbitrary OS commands...

9.8CVSS9.3AI score0.40295EPSS
Exploits2References1
NVD
NVD
added 2019/10/23 9:15 p.m.20 views

CVE-2019-18370

An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. The backup file is in tar.gz format. After uploading, the application uses the tar zxf command to decompress, so one can control the contents of the files in the decompressed directory. In addition, the application's sh...

9.8CVSS9.8AI score0.40295EPSS
Exploits2References1
CVE
CVE
added 2018/11/30 2:0 p.m.54 views

CVE-2018-16093

CVE-2018-16093 affects Lenovo XClarity Integrator for VMware prior to version 5.5. An authenticated user can write to arbitrary system files due to insufficient filtering during backup file uploads. CNVD/NVD entries corroborate this behavior. Remediation: upgrade LXCI for VMware to version 5.5 or...

6.5CVSS6.4AI score0.00733EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/11/27 12:0 a.m.2 views

File Upload Vulnerability in SEMCMS_ASP_v4.5

SemCMS is an open source foreign trade enterprise website management system, written in vbscript language, combined with iis running, SemCMS is very suitable for foreign trade enterprises, e-commerce Internet use. SemCms ASPv4.5 version of the editor database backup file upload vulnerability ,...

6.9AI score
Exploits0
Rows per page
Query Builder