Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Positive Technologies
Positive Technologiesadded 2024/08/12 12:0 a.m.1 views

PT-2024-37887 · WordPress · Media Library Assistant

Name of the Vulnerable Software and Affected Versions: Media Library Assistant plugin for WordPress versions up to, and including, 3.18 Description: The issue arises from missing file type validation involving the mla-inline-edit-upload-scripts AJAX action. This allows authenticated attackers wit...

8.8CVSS7.9AI score0.1184EPSS
Exploits0References13
Cvelist
Cvelistadded 2022/09/21 7:9 p.m.14 views

CVE-2022-40217 WordPress WPide plugin <= 2.6 - Authenticated Arbitrary File Edit/Upload vulnerability

Authenticated admin+ Arbitrary File Edit/Upload vulnerability in XplodedThemes WPide plugin = 2.6 at WordPress...

6.5CVSS7.2AI score0.01069EPSS
Exploits0References2
Atlassian
Atlassianadded 2019/02/14 8:50 p.m.155 views

XSS in edit upload for a review through the wbuser parameter - CVE-2018-20241

The Edit upload resource for a review in Atlassian Fisheye before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the wbuser parameter...

5.4CVSS4AI score0.00196EPSS
Exploits0Affected Software1
Atlassian
Atlassianadded 2019/02/14 8:50 p.m.29 views

XSS in edit upload for a review through the wbuser parameter - CVE-2018-20241

The Edit upload resource for a review in Atlassian Fisheye before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the wbuser parameter...

5.4CVSS4AI score0.00196EPSS
Exploits0
Atlassian
Atlassianadded 2019/02/14 8:39 p.m.144 views

XSS in edit upload for a review through the wbuser parameter - CVE-2018-20241

The Edit upload resource for a review in Atlassian Crucible before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the wbuser parameter...

5.4CVSS4AI score0.00196EPSS
Exploits0Affected Software1
Atlassian
Atlassianadded 2019/02/14 8:39 p.m.29 views

XSS in edit upload for a review through the wbuser parameter - CVE-2018-20241

The Edit upload resource for a review in Atlassian Crucible before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the wbuser parameter...

5.4CVSS4AI score0.00196EPSS
Exploits0
CNVD
CNVDadded 2018/09/18 12:0 a.m.0 views

LG SuperSign CMS File Upload Vulnerability

LG SuperSign CMS is a content management system for LG webOS from the Luckin LG Group in Korea. The system supports connection to external databases and allows access to the server from mobile devices. A file upload vulnerability exists in LG SuperSign CMS, which can be exploited by an attacker...

9.8CVSS9.5AI score0.00565EPSS
Exploits1References1
Rows per page
Query Builder