Lucene search
K

1398 matches found

CVE
CVE
added 7 hours ago6 views

CVE-2026-57710

Summary: The WordPress plugin WoowBot Pro Max (woowbot-pro-max) up to version 14.1.7 is affected by an Unrestricted/Arbitrary File Upload vulnerability. The issue allows uploading dangerous files, classified as a Critical risk (CVSS v3.1: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). The affected line is...

9.9CVSS6.1AI score
Exploits0References1
CVE
CVE
added 7 hours ago8 views

CVE-2026-57719

CVE-2026-57719 affects the WordPress plugin Aimogen Pro (versions up to and including 2.8.3). The vulnerability is described as Unrestricted Upload of File with Dangerous Type (Arbitrary File Upload) in Aimogen Pro, allowing attackers to upload malicious files. The CVSS v3.1 metrics indicate a ba...

10CVSS6.1AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 3 days ago4 views

Siemens SIPROTEC 5 Using DIGSI5 Protocol Unrestricted Upload of File with Dangerous Type (CVE-2025-40808)

The affected application allows authenticated users to upload arbitrary files using DIGSI 5 protocol. This could allow an attacker to upload malicious configuration files, that could cause denial of service condition and potentially lead to code execution. This plugin only works with Tenable.ot...

6.9CVSS6.1AI score0.00186EPSS
Exploits0References3
CISA KEV Catalog
CISA KEV Catalog
added 3 days ago6 views

iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability

iCagenda contains an unrestricted upload of file with dangerous type vulnerability that allows the upload of arbitrary files in the file attachment feature, ultimately resulting in PHP code upload and execution...

10CVSS6.2AI score0.01505EPSS
In wildExploits4
CISA KEV Catalog
CISA KEV Catalog
added 3 days ago7 views

Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability

Balbooa Forms contains an unrestricted upload of file with dangerous type vulnerability that allows an unauthenticated arbitrary file upload which could allow uploading of executable files leading to full RCE...

10CVSS6.2AI score0.00836EPSS
In wildExploits3
CVE
CVE
added 2026/06/30 3:11 p.m.31 views

CVE-2026-48276

CVE-2026-48276 affects ColdFusion versions 2025.9, 2023.20 and earlier. The issue is an Unrestricted Upload of File with Dangerous Type (CWE-434) that could lead to arbitrary code execution in the context of the current user. Exploitation does not require user interaction. The vulnerability scope...

10CVSS6.4AI score0.00917EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/30 3:11 p.m.45 views

CVE-2026-48276 ColdFusion | Unrestricted Upload of File with Dangerous Type (CWE-434)

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

10CVSS0.00917EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 7:16 p.m.10 views

CVE-2026-57700

Unrestricted Upload of File with Dangerous Type vulnerability in Daan.Dev OMGF Pro allows Using Malicious Files. This issue affects OMGF Pro: from n/a through 5.2.6...

10CVSS0.00373EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 5:29 p.m.16 views

CVE-2026-57700

Summary of CVE-2026-57700 (WordPress OMGF Pro plugin

10CVSS5.8AI score0.00373EPSS
In wildExploits0References1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52555

Name of the Vulnerable Software and Affected Versions OMGF Pro versions prior to 5.2.7 Description An unrestricted file upload flaw allows unauthenticated users to upload malicious files of dangerous types. This issue can lead to remote code execution RCE, which is the ability of an attacker to...

10CVSS6.6AI score0.00373EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/24 4:5 p.m.6 views

Security Bulletin: Unrestricted upload of file with dangerous type, improper certificate validation, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service

Summary IBM Storage Defender - Resiliency Service is vulnerable to unrestricted upload of file with dangerous type, improper certificate validation, and others. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-3219 DESCRIPTION: pip handles concatenated tar and ZIP fil...

9.1CVSS6.3AI score0.00715EPSS
Exploits2Affected Software1
CVE
CVE
added 2026/06/23 4:8 p.m.18 views

CVE-2026-50023

CVE-2026-50023 affects yt-dlp. Before 2026-06-09, an issue allowed remote attackers to write arbitrary OS-shortcut files (e.g., .desktop, .url, .webloc) via the --write-link option by exploiting unsafe extensions that were on the allowlist, bypassing the prior CVE-2024-38519 remediation. This cou...

9.6CVSS6AI score0.00555EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/06/16 10:39 a.m.11 views

EUVD-2026-37065

Unrestricted Upload of File with Dangerous Type vulnerability in themagnifico52 Kids Online Store allows Upload a Web Shell to a Web Server. This issue affects Kids Online Store: from n/a through 0.8.9...

9.9CVSS5.2AI score0.00273EPSS
Exploits0References1
NVD
NVD
added 2026/06/12 3:16 p.m.16 views

CVE-2026-6211

Unrestricted upload of file with dangerous type vulnerability in Global IT Informatics Services Inc. WEOLL allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WEOLL: from 2.0.9 before 3.2.45.33...

8.7CVSS0.0021EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 2:10 p.m.12 views

EUVD-2026-36437

Unrestricted upload of file with dangerous type vulnerability in Global IT Informatics Services Inc. WEOLL allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WEOLL: from 2.0.9 before 3.2.45.33...

8.7CVSS5.2AI score0.0021EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.21 views

PT-2026-48884

Name of the Vulnerable Software and Affected Versions WEOLL versions 2.0.9 through 3.2.45.32 Description An unrestricted file upload flaw allows the upload of dangerous file types. This issue enables attackers to access functionality that is not properly constrained by Access Control Lists ACLs,...

8.7CVSS5.2AI score0.0021EPSS
Exploits0References3
NVD
NVD
added 2026/06/11 4:16 p.m.17 views

CVE-2026-11839

Unrestricted upload of file with dangerous type vulnerability in Başarsoft Information Technologies Inc. Rotaban allows Upload a Web Shell to a Web Server. This issue affects Rotaban: from V2026.06.002 before V2026.06.003...

9.9CVSS0.00335EPSS
Exploits0References1
NVD
NVD
added 2026/06/11 1:16 p.m.13 views

CVE-2026-7852

Unrestricted upload of file with dangerous type vulnerability in Limatek System Inc. LimRAD NAC allows Remote Code Inclusion. This issue affects LimRAD NAC: before 5.5.7.3.9...

9.8CVSS0.00358EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/11 11:36 a.m.12 views

EUVD-2026-36237

Unrestricted upload of file with dangerous type vulnerability in Limatek System Inc. LimRAD NAC allows Remote Code Inclusion. This issue affects LimRAD NAC: before 5.5.7.3.9...

9.8CVSS5.6AI score0.00358EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.18 views

Başarsoft Rotaban 代码问题漏洞

Başarsoft Rotaban is a service route optimization platform developed by the Turkish company Başarsoft. Versions of Başarsoft Rotaban prior to V2026.06.002 and V2026.06.003 contained code vulnerabilities. These vulnerabilities stemmed from the unlimited upload of dangerous type files, which could...

9.9CVSS5.4AI score0.00335EPSS
Exploits0References1
Rows per page
Query Builder