Lucene search
K

128 matches found

GitLab Advisory Database
GitLab Advisory Database
added 2024/06/07 12:0 a.m.30 views

aimeos-core arbitrary file uopload vulnerability

An arbitrary file upload vulnerability in the image upload function of aimeos-core v2024.04 allows attackers to execute arbitrary code via uploading a crafted PHP file...

7.7AI score
Exploits0References8Affected Software1
NVD
NVD
added 2024/06/06 10:15 p.m.19 views

CVE-2024-36774

An arbitrary file upload vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary code via uploading a crafted PHP file...

8CVSS0.00722EPSS
Exploits1References1
NVD
NVD
added 2024/03/13 9:15 p.m.20 views

CVE-2023-41505

An arbitrary file upload vulnerability in the Add Student's Profile Picture function of Student Enrollment In PHP v1.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

9.8CVSS7.5AI score0.00788EPSS
Exploits0References1
OSV
OSV
added 2024/03/13 9:15 p.m.6 views

CVE-2023-41505

An arbitrary file upload vulnerability in the Add Student's Profile Picture function of Student Enrollment In PHP v1.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

9.8CVSS6.1AI score0.00788EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/13 12:0 a.m.15 views

CVE-2023-41505

An arbitrary file upload vulnerability in the Add Student's Profile Picture function of Student Enrollment In PHP v1.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

7.8AI score0.00788EPSS
Exploits0References1
OSV
OSV
added 2024/03/06 10:55 a.m.21 views

BIT-LIMESURVEY-2022-48008

An arbitrary file upload vulnerability in the plugin manager of LimeSurvey v5.4.15 allows attackers to execute arbitrary code via a crafted PHP file...

9.8CVSS9.6AI score0.01267EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/02/28 12:0 a.m.15 views

CVE-2024-25869

An Unrestricted File Upload vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via upload of a crafted php file in the settings.php component...

7.9AI score0.1869EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/02/27 12:0 a.m.11 views

CVE-2023-41506

An arbitrary file upload vulnerability in the Update/Edit Student's Profile Picture function of Student Enrollment In PHP v1.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

7.8AI score0.00882EPSS
Exploits0References1
NVD
NVD
added 2024/01/11 10:15 p.m.19 views

CVE-2023-46474

File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the startimport.php file...

7.2CVSS7.4AI score0.23416EPSS
Exploits1References2
Prion
Prion
added 2024/01/11 10:15 p.m.16 views

Unrestricted file upload

File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the startimport.php file...

5.8CVSS8.4AI score0.23416EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/01/11 12:0 a.m.22 views

CVE-2023-46474

File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the startimport.php file...

7.6AI score0.23416EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/10/26 9:15 p.m.5 views

CVE-2023-33559

A local file inclusion vulnerability via the lang parameter in OcoMon before v4.0.1 allows attackers to execute arbitrary code by supplying a crafted PHP file...

8.8CVSS6.2AI score0.00684EPSS
Exploits0References3
NVD
NVD
added 2023/10/03 9:15 p.m.14 views

CVE-2023-44974

An arbitrary file upload vulnerability in the component /admin/plugin.php of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

9.8CVSS9.7AI score0.19064EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/09/28 12:0 a.m.16 views

CVE-2023-43226

An arbitrary file upload vulnerability in dede/baidunews.php in DedeCMS 5.7.111 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file...

7.7AI score0.00858EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/08/17 12:0 a.m.19 views

CVE-2023-31946

File Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the artical.php...

7.5AI score0.01211EPSS
Exploits1References1
NVD
NVD
added 2023/08/03 2:15 a.m.22 views

CVE-2023-36212

File Upload vulnerability in Total CMS v.1.7.4 allows a remote attacker to execute arbitrary code via a crafted PHP file to the edit page function...

8.8CVSS8.8AI score0.23732EPSS
Exploits1References3
NVD
NVD
added 2023/07/13 10:15 p.m.20 views

CVE-2023-37839

An arbitrary file upload vulnerability in /dede/filemanagecontrol.php of DedeCMS v5.7.109 allows attackers to execute arbitrary code via uploading a crafted PHP file...

9.8CVSS0.01042EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2023/07/05 12:0 a.m.10 views

VulnCheck KEV: CVE-2022-44354

SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file...

9.8CVSS7.3AI score0.02131EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/07/03 12:0 a.m.9 views

CVE-2020-22153

File Upload vulnerability in FUEL-CMS v.1.4.6 allows a remote attacker to execute arbitrary code via a crafted .php file to the upload parameter in the navigation function...

7.8AI score0.01453EPSS
Exploits1References1
NVD
NVD
added 2023/06/07 2:15 a.m.23 views

CVE-2023-33601

An arbitrary file upload vulnerability in /admin.php?c=upload of phpok v6.4.100 allows attackers to execute arbitrary code via a crafted PHP file...

8.8CVSS8.9AI score0.00945EPSS
Exploits1References1
Rows per page
Query Builder