Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:34 a.m.14 views

CVE-2024-34555

Unrestricted Upload of File with Dangerous Type vulnerability in URBAN BASE Z-Downloads.This issue affects Z-Downloads: from n/a through 1.11.3...

10CVSS5.2AI score0.01226EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:1 p.m.8 views

CVE-2020-25048

An issue was discovered on Samsung mobile devices with Q10.0 with ONEUI 2.1 software. In the Lockscreen state, the Quick Share feature allows unauthenticated downloads, aka file injection. The Samsung ID is SVE-2020-17760 August 2020...

4.6CVSS7.6AI score0.00171EPSS
Exploits0
AstraLinux
AstraLinux
added 2024/06/26 1:32 p.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Downloads in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to obfuscate security UI through a malicious file. Chromium security severity: Medium...

8.8CVSS7.5AI score0.00469EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/05/19 12:0 a.m.5 views

Prestashop 路径遍历漏洞

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods, short message alerts and product image scaling and other features. Prestashop 1.7.20 and previous versions of the existence of path traversal...

7.5CVSS6.5AI score0.00697EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2021/09/16 12:0 a.m.3 views

VulnCheck KEV: CVE-2020-24949

Privilege escalation in PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user not admin to send a crafted request to the server and perform remote command execution RCE...

9CVSS7.5AI score0.67289EPSS
Exploits4References1
Github Security Blog
Github Security Blog
added 2020/09/03 3:53 p.m.19 views

Malicious Package in m-backdoor

All versions of m-backdoor contain malicious code. The package downloads a file from a remote server and executes it as a preinstall script. At the time of the release of this advisory the downloaded file only defaces websites by removing elements randomly from the DOM. Recommendation Remove the...

5.1AI score
Exploits0References2Affected Software1
OSV
OSV
added 2020/09/03 2:15 p.m.2 views

CVE-2020-24949

Privilege escalation in PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user not admin to send a crafted request to the server and perform remote command execution RCE...

8.8CVSS7.4AI score
Exploits0References2
Veracode
Veracode
added 2019/07/15 2:51 a.m.7 views

Malicious Package

next-util is a malicious package. The package uploads system information to a remote server, downloads a file and executes it...

6.5AI score
Exploits0
Veracode
Veracode
added 2019/07/15 2:51 a.m.8 views

Malicious Package

midway-dataproxy is a malicious package. The package uploads system information to a remote server, downloads a file and executes it...

6.5AI score
Exploits0
Veracode
Veracode
added 2019/07/15 2:51 a.m.10 views

Malicious Package

cicada-render is a malicious package. The package uploads system information to a remote server, downloads a file and executes it...

6.5AI score
Exploits0
Veracode
Veracode
added 2019/07/15 2:51 a.m.8 views

Malicious Package

hsf-clients is a malicious package. The package uploads system information to a remote server, downloads a file and executes it...

6.5AI score
Exploits0
Veracode
Veracode
added 2019/07/15 2:51 a.m.8 views

Malicious Package

tiar is a malicious package. The package uploads system information to a remote server, downloads a file and executes it...

6.5AI score
Exploits0
Veracode
Veracode
added 2019/07/15 2:51 a.m.8 views

Malicious Package

secureidentityloginmodule is a malicious package. The package uploads system information to a remote server, downloads a file and executes it...

6.5AI score
Exploits0
Rows per page
Query Builder