211 matches found

F5 Networks
added 2023/02/21 6:12 p.m., 22 views

K17156: PHP vulnerability CVE-2014-5298

Security Advisory Description: FileUploadsFilter.php in X2Engine 4.1.7 and earlier, when running on case-insensitive file systems, allows remote attackers to bypass the upload blacklist and conduct unrestricted file upload attacks by uploading a file with an executable extension that contains...

CVSS 5, AI score 6.8, EPSS 0.01227
Exploits: 2

SUSE CVE
added 2023/02/15 6:19 a.m., 1 views

SUSE CVE-2005-0230

Firefox 1.0 does not prevent the user from dragging an executable file to the desktop when it has an image/gif content type but has a dangerous extension such as .bat or .exe, which allows remote attackers to bypass the intended restriction and execute arbitrary commands via malformed GIF files...

CVSS 5.1, AI score 7.6, EPSS 0.0221
Exploits: 1, References: 4

SUSE CVE
added 2023/02/15 3:24 a.m., 1 views

SUSE CVE-2022-34483

An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from...

CVSS 8.8, AI score 8.5, EPSS 0.00355
Exploits: 0, References: 7

SUSE CVE
added 2023/02/15 3:24 a.m., 1 views

SUSE CVE-2022-34482

An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from...

CVSS 8.8, AI score 8.5, EPSS 0.0048
Exploits: 0, References: 7

NVD
added 2022/12/22 8:15 p.m., 13 views

CVE-2022-34483

An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from...

CVSS 8.8, EPSS 0.00355
Exploits: 0, References: 2

CVE
added 2022/12/22 12:00 a.m., 173 views

CVE-2022-34482

Summary of CVE-2022-34482 (and related advisories): An attacker could coax a user to drag-and-drop an image to the filesystem, allowing manipulation of the resulting filename to include an executable extension. This could potentially trick the user into executing malicious code. Affected product:...

CVSS 8.8, AI score 8.4, EPSS 0.0048
Exploits: 0, References: 2, Affected Software: 1

Debian CVE
added 2022/12/22 12:00 a.m., 37 views

CVE-2022-34482

An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from...

CVSS 8.8, AI score 9.3, EPSS 0.0048
Exploits: 0

AlpineLinux
added 2022/12/22 12:00 a.m., 43 views

CVE-2022-34482

An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from...

CVSS 8.8, AI score 8.7, EPSS 0.0048
Exploits: 0

AlpineLinux
added 2022/12/22 12:00 a.m., 45 views

CVE-2022-34483

An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from...

CVSS 8.8, AI score 8.7, EPSS 0.00355
Exploits: 0

UbuntuCve
added 2022/07/05 12:00 a.m., 25 views

CVE-2022-34482

An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from...

CVSS 8.8, AI score 7.2, EPSS 0.0048
Exploits: 0, References: 3

OSV
added 2022/07/05 12:00 a.m., 0 views

UBUNTU-CVE-2022-34483

An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from...

CVSS 8.8, AI score 7.3, EPSS 0.00355
Exploits: 0, References: 4

OSV
added 2022/07/05 12:00 a.m., 0 views

UBUNTU-CVE-2022-34482

An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from...

CVSS 8.8, AI score 7.3, EPSS 0.0048
Exploits: 0, References: 4

Github Security Blog
added 2022/05/17 4:56 a.m., 19 views

MoinMoin Multiple unrestricted file upload vulnerabilities

Multiple unrestricted file upload vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to execute arbitrary code by uploading a file with an executable extension, the...

CVSS 6, AI score 7.4, EPSS 0.73631
Exploits: 7, References: 13, Affected Software: 1

Github Security Blog
added 2022/05/17 3:38 a.m., 25 views

Moodle Unrestricted file upload vulnerability

Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors...

CVSS 8.8, AI score 7.5, EPSS 0.02078
Exploits: 1, References: 4, Affected Software: 1

OSV
added 2022/05/17 3:38 a.m., 13 views

GHSA-58FM-V4PR-JH8P Moodle Unrestricted file upload vulnerability

Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors...

CVSS 8.8, AI score 8.6, EPSS 0.02078
Exploits: 1, References: 4

OSV
added 2020/11/12 7:15 p.m., 13 views

CVE-2020-27386

An unrestricted file upload issue in FlexDotnetCMS before v1.5.9 allows an authenticated remote attacker to upload and execute arbitrary files by using the FileManager to upload malicious code (e.g., ASP code) in the form of a safe file type (e.g., a TXT file), and then using the FileEditor in v1.5.8...

CVSS 8.8, AI score 7.5
Exploits: 0, References: 4

Prion
added 2020/04/03 7:15 p.m., 12 views

Unrestricted file upload

An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension. This allows an authenticated attacker to upload a malicious file containing PHP code to execute operating system...

CVSS 6.5, AI score 8.9, EPSS 0.16006
Exploits: 3, References: 3, Affected Software: 1

NVD
added 2020/02/06 2:15 p.m., 15 views

CVE-2015-6000

Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.3.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then...

CVSS 8.8, AI score 7.5, EPSS 0.76812
Exploits: 12, References: 3

NVD
added 2020/01/31 11:15 p.m., 14 views

CVE-2014-2025

Unrestricted file upload vulnerability in an unspecified third party tool in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it v...

CVSS 9.8, AI score 9.7, EPSS 0.09013
Exploits: 0, References: 3

Prion
added 2020/01/31 11:15 p.m., 16 views

Unrestricted file upload

Unrestricted file upload vulnerability in an unspecified third party tool in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it v...

CVSS 7.5, AI score 8.3, EPSS 0.09013
Exploits: 0, References: 3, Affected Software: 1