Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-3411

Malware in sbrugna...

3.6CVSS6.1AI score0.00348EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.4 views

PT-2025-27094 · Unknown · Serped.Net

Name of the Vulnerable Software and Affected Versions: SERPed.net versions n/a through 4.6 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion. This is a...

8.1CVSS7.3AI score0.00489EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:41 a.m.8 views

CVE-2024-52515

Nextcloud Server is a self hosted personal cloud system. After an admin enables the default-disabled SVG preview provider, a malicious user could upload a manipulated SVG file referencing paths. If the file would exist the preview of the SVG would preview the other file instead. It is recommended...

6.5CVSS6.8AI score0.00652EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:19 a.m.6 views

CVE-2022-3124

The Frontend File Manager Plugin WordPress plugin before 21.3 allows any unauthenticated user to rename uploaded files from users. Furthermore, due to the lack of validation in the destination filename, this could allow allow them to change the content of arbitrary files on the web server...

5.3CVSS6.9AI score0.06199EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:46 p.m.10 views

CVE-2020-6870

The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. An attacker could exploit the vulnerability to log in to the FTP server to tamper with the password, and illegally download, modify, upload, or delete files, causing improper operation of the network...

8CVSS6.8AI score0.00618EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/16 12:0 a.m.3 views

PT-2024-9995 · Drupal +1 · Drupal Core +1

Name of the Vulnerable Software and Affected Versions: Drupal Core versions 10.0.0 through 10.2.9 Description: A vulnerability in Drupal Core allows file manipulation. This issue is related to weaknesses in handling error situations, which could allow a remote attacker to impact the integrity of...

5.9CVSS6.1AI score0.00375EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2022/09/01 12:0 a.m.14 views

PT-2022-4598 · Huawei · Huawei Headset

Name of the Vulnerable Software and Affected Versions: Huawei headset products affected versions not specified Description: The issue concerns an out-of-bounds read and write vulnerability. An attacker, with physical access to the device, can craft a malformed message with a specific parameter an...

6.1CVSS6.1AI score0.00261EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.27 views

Debian DSA-518-1 : kdelibs - unsanitised input

iDEFENSE identified a vulnerability in the Opera web browser that could be used by remote attackers to create or truncate arbitrary files on the victims machine. The KDE team discovered that a similar vulnerability exists in KDE. A remote attacker could entice a user to open a carefully crafted...

7.5CVSS5.6AI score0.07778EPSS
Exploits0References4
securityvulns
securityvulns
added 2001/06/13 12:0 a.m.33 views

bug

Hi, I'm reposting a bug I've found some time before. Thanks WebStore from www.cgicentral.net is a shopping cart allowing users to buy things on-line. One of the scripts in the package, wsmail.cgi unsafely passes user-submitted data to 'system' command: if $in'terminate' eval system"kill $in'kill'...

6.9AI score
Exploits0
Rows per page
Query Builder