CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/06/15 9:30 p.m.•6 views

EUVD-2026-36757

Bludit CMS before version 3.18.4 allows Remote Code Execution RCE via the API Plugin. The POST /api/files/key endpoint in bl-plugins/api/plugin.php fails to perform authorization checks and lacks file extension validation. An attacker with a valid API token can upload a malicious PHP script and...

6.2AI score0.00504EPSS

NVD•added 2026/06/15 8:16 p.m.•14 views

CVE-2026-38329

9.8CVSS0.00504EPSS

Positive Technologies•added 2026/06/15 12:0 a.m.•13 views

PT-2026-49297

6.3AI score0.00504EPSS

Cvelist•added 2026/06/15 12:0 a.m.•42 views

CVE-2026-38329

0.00504EPSS

Github Security Blog•added 2026/06/11 5:16 p.m.•8 views

CodeIgniter4 has a validation bypass when uploading file extensions via `ext_in` rule

Impact The extin upload validation rule checked the MIME-derived guessed extension instead of the client-provided filename extension. As a result, an uploaded file named shell.php containing GIF-like content could pass validation such as:...

6.1AI score0.00078EPSS

Exploits0References6Affected Software1

RedhatCVE•added 2026/06/05 7:17 p.m.•7 views

CVE-2026-6555

The ProSolution WP Client plugin for WordPress is vulnerable to Arbitrary File Upload in versions up to, and including, 2.0.0. This is due to an array validation mismatch where only the first file in the upload array undergoes extension and MIME type validation, while all files are processed and...

9.8CVSS6.3AI score0.00952EPSS

ATTACKERKB•added 2026/06/05 7:15 p.m.•6 views

CVE-2026-46400

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 11.0.6 and prior to version 25.0.0, the file upload functionality in HAXCMS PHP only validates file extensions using a regex pattern without checking the actual file content or MIME type. This allows attacker...

8.7CVSS5.9AI score0.00387EPSS

Exploits0References2Affected Software1

RedhatCVE•added 2026/06/05 7:10 p.m.•10 views

CVE-2026-8134

Concrete CMS 9.5.0 and below fails to sanitize path traversal sequences in the ptComposerFormLayoutSetControlCustomTemplate field when saving page type composer form layouts. An authenticated rogue administrator with composer form editing rights can exploit this to include arbitrary readable file...

9.4CVSS6AI score0.00738EPSS

Positive Technologies•added 2026/06/05 12:0 a.m.•8 views

PT-2026-47040

Name of the Vulnerable Software and Affected Versions HAX CMS versions 11.0.6 through 24.x Description The file upload functionality in HAXCMS PHP validates file extensions using a regex pattern but fails to verify the actual file content or MIME type Multipurpose Internet Mail Extensions, a...

8.7CVSS5.9AI score0.00387EPSS

CNNVD•added 2026/06/01 12:0 a.m.•7 views

SOPlanning 代码问题漏洞

SOPlanning is a set of online project management software developed by SOPlanning Company. Versions of SOPlanning 1.55 and earlier had code vulnerabilities. These vulnerabilities stemmed from an unvalidated validation of file extensions during upload. This allowed authenticated attackers to uploa...

6.4CVSS5.4AI score0.0031EPSS

CVE•added 2026/05/21 8:13 p.m.•13 views

CVE-2026-8134

Concrete CMS 9.5.0 and earlier fails to sanitize path traversal in the ptComposerFormLayoutSetControlCustomTemplate field when saving page-type composer form layouts. An authenticated rogue administrator with composer form editing rights can cause arbitrary readable files to be included on the se...

9.4CVSS6.2AI score0.00738EPSS

Exploits0References1Affected Software1

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в chromium

Insufficient data validation in Extensions in Google Chrome prior to 107.0.5304.62 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome extension. Chromium security severity: Low...

4.3CVSS6.6AI score0.00421EPSS

OSV•added 2026/04/10 7:50 p.m.•2 views

GHSA-69HX-63PV-F8F4 Ech0 has Stored XSS via SVG Upload and Content-Type Validation Bypass in File Upload

Summary The file upload endpoint validates Content-Type using only the client-supplied multipart header, with no server-side content inspection or file extension validation. Combined with an unauthenticated static file server that determines Content-Type from file extension, this allows an admin ...

4.8CVSS5.8AI score

VulnCheck KEV•added 2026/04/10 12:0 a.m.•6 views

VulnCheck KEV: CVE-2025-0520

An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: before 2.8.7...

9.4CVSS6.3AI score0.00944EPSS

In wildExploits0References3

CVE•added 2026/03/23 6:23 p.m.•9 views

CVE-2026-33647

WWBN AVideo (versions up to 26.0) is affected by a RCE in ImageGallery::saveFile(), where MIME-type validation via finfo passes a polyglot file with a .php extension because the saved filename extension is derived from the user-provided name without an allowlist. An attacker can upload a file wit...

8.8CVSS5.8AI score0.00639EPSS

Exploits1References2Affected Software1

EUVD•added 2026/03/17 11:51 p.m.•5 views

EUVD-2026-12682

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. Prior to version 9.5, the PDF export component does not correctly validate uploaded file extensions. This way any file type including .php files can be uploaded. With...

4.3CVSS6.4AI score0.00419EPSS