Lucene search
+L

156 matches found

CVE
CVE
added 2 days ago7 views

CVE-2026-36669

The vulnerability CVE-2026-36669 affects Feng Office 3.11.13.11. Affected component: ck_upload_handler.php. Issue: unauthenticated arbitrary file upload allowing attackers to place files (e.g., .html) into the web-accessible /tmp/ directory. Root cause details are not provided beyond the file upl...

5.6AI score0.00465EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-36669

An unauthenticated arbitrary file upload vulnerability in ckuploadhandler.php in Feng Office 3.11.13.11 allows remote attackers to upload malicious files such as .html to the web-accessible /tmp/ directory...

0.00465EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2026/02/09 12:0 a.m.199 views

📄 Samsung Quram DNG Advanced Remote Code Execution

This proof of concept uses an advanced exploitation technique that allows a remote attacker to execute arbitrary code on a target device by carefully controlling and manipulating memory in the target application or library. This technique is particularly used against memory-sensitive libraries li...

7.5CVSS6.2AI score0.00274EPSS
Exploits2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2011-3696

Malware in sbrugna...

5CVSS6.4AI score0.01335EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2007-6591

Malware in sbrugna...

7.5CVSS6.4AI score0.04149EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-6593

Malware in sbrugna...

5CVSS6.4AI score0.02137EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2018-13153

Malware in sbrugna...

7.5CVSS7.6AI score0.01287EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-5232

Malware in sbrugna...

4.3CVSS6.4AI score0.01915EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2013-5581

Malware in sbrugna...

4.3CVSS6.1AI score0.0096EPSS
Exploits3References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-47197

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.0073EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-16618

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00237EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/08/03 12:0 a.m.9 views

wx-shop 代码注入漏洞

wx-shop is a WeChat applet simple mall by the individual developer Feng Zhihui 495300897. A code injection vulnerability exists in wx-shop, which stems from a misbehavior in file/user/editUI that results in cross-site scripting...

5.1CVSS4.9AI score0.0025EPSS
Exploits0References5
OSV
OSV
added 2025/06/09 1:15 p.m.6 views

CVE-2025-5877

A vulnerability, which was classified as problematic, has been found in Fengoffice Feng Office 3.2.2.1. Affected by this issue is some unknown functionality of the file /application/models/ApplicationDataObject.class.php of the component Document Upload Handler. The manipulation leads to xml...

8.1CVSS4.9AI score0.0035EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/06/09 12:0 a.m.6 views

PT-2025-24433 · Unknown · Feng Office

Name of the Vulnerable Software and Affected Versions: Fengoffice Feng Office version 3.2.2.1 Description: A problematic issue has been found in the Document Upload Handler component, specifically affecting some unknown functionality of the file /application/models/ApplicationDataObject.class.php...

8.1CVSS6.2AI score0.0035EPSS
Exploits1References9
CNNVD
CNNVD
added 2025/06/09 12:0 a.m.6 views

Feng Office 代码问题漏洞

Feng Office formerly known as OpenGoo is an open source online office system by the Feng Office team. The system provides task management, schedule management, document management and Email sending and receiving functions. A code issue vulnerability exists in Feng Office version 3.2.2.1, which...

8.1CVSS6.7AI score0.0035EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/06/04 7:15 a.m.8 views

CVE-2025-5433

A vulnerability was found in Fengoffice Feng Office 3.5.1.5 and classified as critical. Affected by this issue is some unknown functionality of the file /index.php?c=account=settimezone. The manipulation of the argument tzoffset leads to sql injection. The attack may be launched remotely. The...

6.5CVSS7.2AI score0.00237EPSS
Exploits0References1
NVD
NVD
added 2025/06/02 7:15 a.m.11 views

CVE-2025-5433

A vulnerability was found in Fengoffice Feng Office 3.5.1.5 and classified as critical. Affected by this issue is some unknown functionality of the file /index.php?c=account&a=settimezone. The manipulation of the argument tzoffset leads to sql injection. The attack may be launched remotely. The...

6.5CVSS0.00237EPSS
Exploits0References4
CVE
CVE
added 2025/06/02 6:31 a.m.46 views

CVE-2025-5433

CVE-2025-5433 affects Fengoffice Feng Office 3.5.1.5. The vulnerability is an SQL injection in the endpoint /index.php?c=account&a=set_timezone, caused by manipulation of the tz_offset parameter. It is exploitable remotely and the exploit has been publicly disclosed. Multiple sources corroborate ...

6.5CVSS7.2AI score0.00237EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/06/02 12:0 a.m.3 views

Feng Office 注入漏洞

Feng Office formerly known as OpenGoo is an open source online office system by the Feng Office team. The system provides task management, schedule management, document management and Email sending and receiving functions. An injection vulnerability exists in Feng Office version 3.5.1.5, which...

6.5CVSS6.9AI score0.00237EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/06/02 12:0 a.m.5 views

PT-2025-23472 · Feng Office · Feng Office

Name of the Vulnerable Software and Affected Versions: Fengoffice Feng Office version 3.5.1.5 Description: A critical issue was found in Fengoffice Feng Office, affecting some unknown functionality of the file "/index.php?c=account&a=set timezone". The manipulation of the tz offset argument leads...

6.5CVSS6.6AI score0.00237EPSS
Exploits0References9
Rows per page
Query Builder