CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-10453

Malware in sbrugna...

7.5CVSS7.6AI score0.00352EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-35281

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00314EPSS

Exploits1References1

RedhatCVE•added 2025/02/14 12:11 a.m.•6 views

CVE-2024-35324

Douchat 4.0.5 suffers from an arbitrary file upload vulnerability via Public/Plugins/webuploader/server/preview.php...

9.8CVSS7.1AI score0.00314EPSS

Exploits1References3

NVD•added 2024/05/28 4:15 p.m.•9 views

CVE-2024-35324

Douchat 4.0.5 suffers from an arbitrary file upload vulnerability via Public/Plugins/webuploader/server/preview.php...

9.8CVSS6.8AI score0.00314EPSS

Exploits1References1

OSV•added 2024/05/28 4:15 p.m.•1 views

CVE-2024-35324

Douchat 4.0.5 suffers from an arbitrary file upload vulnerability via Public/Plugins/webuploader/server/preview.php...

9.8CVSS6.6AI score

Exploits0References1

Cvelist•added 2024/05/28 3:25 p.m.•22 views

CVE-2024-35324

Douchat 4.0.5 suffers from an arbitrary file upload vulnerability via Public/Plugins/webuploader/server/preview.php...

6.8AI score0.00314EPSS

Exploits1References1

Positive Technologies•added 2024/05/28 12:0 a.m.•1 views

PT-2024-26432 · Douchat · Douchat

Name of the Vulnerable Software and Affected Versions: Douchat version 4.0.5 Description: The issue is related to an arbitrary file upload vulnerability. This vulnerability can be exploited via the Public/Plugins/webuploader/server/preview.php endpoint. Recommendations: For Douchat version 4.0.5,...

9.8CVSS6.9AI score0.00314EPSS

Exploits1References4

CNNVD•added 2024/05/28 12:0 a.m.•1 views

Douchat 安全漏洞

Douchat is a clean and efficient WeChat development framework from Douxin Douchat. A security vulnerability exists in Douchat version 4.0.5, which originates from an arbitrary file upload vulnerability in the file Public/Plugins/webuploader/server/preview.php...

9.8CVSS6.9AI score0.00314EPSS

Exploits1References3

NVD•added 2018/10/29 12:29 p.m.•7 views

CVE-2018-18737

An XXE issue was discovered in Douchat 4.0.4 because Data\notify.php calls simplexmlloadstring. This can also be used for SSRF...

7.5CVSS7.5AI score0.00352EPSS

Exploits1References1

OSV•added 2018/10/29 12:29 p.m.•2 views

CVE-2018-18737

An XXE issue was discovered in Douchat 4.0.4 because Data\notify.php calls simplexmlloadstring. This can also be used for SSRF...

7.5CVSS7.5AI score

Exploits0References1

Prion•added 2018/10/29 12:29 p.m.•10 views

Design/Logic Flaw

An XXE issue was discovered in Douchat 4.0.4 because Data\notify.php calls simplexmlloadstring. This can also be used for SSRF...

5CVSS7.5AI score0.00352EPSS

Exploits1References1Affected Software1

Cvelist•added 2018/10/28 3:0 a.m.•10 views

CVE-2018-18737

An XXE issue was discovered in Douchat 4.0.4 because Data\notify.php calls simplexmlloadstring. This can also be used for SSRF...

7.5AI score0.00352EPSS

Exploits1References1

CVE•added 2018/10/28 3:0 a.m.•36 views

CVE-2018-18737

CVE-2018-18737 describes an XXE in Douchat 4.0.4 caused by Data\notify.php calling simplexml_load_string, which can also enable SSRF. Affected software: Douchat 4.0.4 (no other versions/products specified). Root cause: improper XML parsing via simplexml_load_string leading to external entity proc...

7.5CVSS7.5AI score0.00352EPSS

Exploits1References1Affected Software1