Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-8853

Malware in sbrugna...

6.5CVSS6.6AI score0.00719EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-7974

Malware in sbrugna...

5.4CVSS5.3AI score0.00857EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3756

Malicious code in bioql PyPI...

7.2CVSS7AI score0.02872EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3722

Malicious code in bioql PyPI...

5.5CVSS5.5AI score0.00701EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/06/24 12:28 p.m.3 views

CVE-2025-6435 Save as in Devtools could download files without sanitizing the extension

If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the .download file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability was fixed in Firefox 140 and...

7.2AI score0.00372EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/06/24 12:28 p.m.10 views

CVE-2025-6435 Save as in Devtools could download files without sanitizing the extension

If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the .download file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability was fixed in Firefox 140 and...

0.00372EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/05/19 12:0 a.m.7 views

PT-2023-23955 · Craft Cms · Craft Cms

Name of the Vulnerable Software and Affected Versions: Craft CMS versions prior to 4.4.6 Description: The issue is related to an unrestricted file extension that may lead to Remote Code Execution. In the View.php's doesTemplateExist - resolveTemplate - resolveTemplateInternal - resolveTemplate...

7.2CVSS7.3AI score0.01845EPSS
Exploits1References10
0day.today
0day.today
added 2021/07/26 12:0 a.m.201 views

WordPress SP Project And Document Remote Code Execution Exploit

This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress SP Project and Document plugin versions prior to 4.22. The security check only searches for lowercase file extensions such as .php,...

8.8CVSS0.52007EPSS
Exploits8
Prion
Prion
added 2021/05/14 2:15 p.m.16 views

Unrestricted file upload

Unrestricted File Upload in LAOBANCMS v2.0 allows remote attackers to upload arbitrary files by attaching a file with a ".jpg.php" extension to the component "admin/wenjian.php?wj=../templets/pc"...

7.5CVSS9.4AI score0.01684EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2021/03/02 12:0 a.m.8 views

ONLYOFFICE Document Server File Extension Handling Vulnerability

ONLYOFFICE Document Server is a free collaborative online office suite that includes viewers and editors for text, spreadsheets and presentations. ONLYOFFICE Document Server suffers from a file extension handling vulnerability that can be exploited by an attacker requesting data to control file...

9.8CVSS7.8AI score0.43534EPSS
Exploits1References1
CNVD
CNVD
added 2021/03/02 12:0 a.m.10 views

ONLYOFFICE Document Server File Extension Handling Vulnerability (CNVD-2021-17248)

ONLYOFFICE Document Server is a free collaborative online office suite that includes viewers and editors for text, spreadsheets and presentations. A file extension handling vulnerability exists in the ONLYOFFICE DocumentServer core module, which can be exploited by an attacker to remotely execute...

9.8CVSS7AI score0.11503EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2021/01/07 2:15 p.m.27 views

CVE-2020-35112

If a user downloaded a file lacking an extension on Windows, and then "Open"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension such as .bat or .exe that executable would have been launched instead. Note:...

8.8CVSS7.2AI score0.01289EPSS
Exploits0References3
NVD
NVD
added 2002/12/31 5:0 a.m.15 views

CVE-2002-1745

Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files...

7.5CVSS7.5AI score0.17663EPSS
Exploits0References3
NVD
NVD
added 2002/12/31 5:0 a.m.18 views

CVE-2002-1776

NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus 2002 allows remote attackers to bypass virus protection via a Word Macro virus with a .nch or .dbx extension, which is automatically recognized and executed as a Microsoft Office document. NOTE: the vendor has disputed th...

7.5CVSS6.6AI score0.02574EPSS
Exploits0References4
Rows per page
Query Builder