Lucene search
K

151 matches found

Positive Technologies
Positive Technologies
added 2025/08/06 12:0 a.m.9 views

PT-2025-32011 · Unknown · Virtualization File Module

Name of the Vulnerable Software and Affected Versions: virtualization file module affected versions not specified Description: A path traversal vulnerability exists in the virtualization file module. Successful exploitation of this issue may affect the confidentiality of the module...

8.4CVSS6.3AI score0.0012EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 4:26 a.m.9 views

CVE-2023-44094

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...

5.3CVSS6.8AI score0.00335EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:19 p.m.7 views

CVE-2020-14031

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The outbox functionality of the TXT File module can be used to delete all/most files in a folder. Because the product usually runs as NT AUTHORITY\SYSTEM, the only files that will not be deleted are those currently being run by the...

9CVSS6.9AI score0.0159EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 8:36 a.m.8 views

CVE-2014-125032

A vulnerability was found in porpeeranut go-with-me. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file module/frontend/add.php. The manipulation leads to sql injection. The identifier of the patch is b92451e4f9e85e26cf493c95ea0a69e354c35df9. ...

9.8CVSS7.6AI score0.00657EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:16 a.m.8 views

CVE-2024-4267

A remote code execution RCE vulnerability exists in the parisneo/lollms-webui, specifically within the 'openfile' module, version 9.5. The vulnerability arises due to improper neutralization of special elements used in a command within the 'openfile' function. An attacker can exploit this...

8.4CVSS8.7AI score0.01484EPSS
Exploits1
Patchstack
Patchstack
added 2024/11/13 12:0 a.m.5 views

Drupal POST File module < 1.0.2 - Unauthenticated Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF vulnerability discovered by Pierre Rudloff in WordPress Module POST File versions 1.0.2...

3.1CVSS7AI score0.00132EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/13 12:0 a.m.4 views

PT-2024-10478 · Post File +1 · Post File +1

Name of the Vulnerable Software and Affected Versions: Drupal POST File versions 0.0.0 through 1.0.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability in the POST File module of the Drupal CMS system. This vulnerability can be exploited by a remote attacker to...

3.1CVSS7.5AI score0.00132EPSS
Exploits0References4
Drupal
Drupal
added 2024/11/13 12:0 a.m.12 views

POST File - Critical - Cross Site Scripting, Arbitrary PHP code execution - SA-CONTRIB-2024-060

The module creates an endpoint on the site at /postfile/upload that accepts a POST request for uploading a single file into a specified file system public, private, etc. This module accepts any uploaded file extension, including dangerous file formats so it can be used to bypass the...

5.4CVSS6.9AI score0.00223EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/09/03 4:52 p.m.31 views

CVE-2024-43412 Xibo CMS XSS vulnerability when previewing files uploaded to the library containing HTML/JS

Xibo is an open source digital signage platform with a web content management system CMS. Prior to version 4.1.0, a cross-site scripting vulnerability in Xibo CMS allows authorized users to execute arbitrary JavaScript via the file preview function. Users can upload HTML/CSS/JS files into the Xib...

4.6CVSS0.00263EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/22 12:0 a.m.7 views

PT-2024-30098 · Unknown · Parisneo/Lollms-Webui

Name of the Vulnerable Software and Affected Versions: parisneo/lollms-webui version 9.5 Description: A remote code execution vulnerability exists in the parisneo/lollms-webui, specifically within the open file module. The vulnerability arises due to improper neutralization of special elements us...

9.8CVSS8.9AI score0.01484EPSS
Exploits1References6
OSV
OSV
added 2024/03/06 10:57 a.m.16 views

BIT-DRUPAL-2020-13670

Information Disclosure vulnerability in file module of Drupal Core allows an attacker to gain access to the file metadata of a permanent private file that they do not have access to by guessing the ID of the file. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prio...

7.5CVSS7.3AI score0.01106EPSS
Exploits0References2
OSV
OSV
added 2023/10/11 1:15 p.m.4 views

CVE-2023-44108

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...

7.5CVSS5.8AI score0.00395EPSS
Exploits0References2
NVD
NVD
added 2023/10/11 1:15 p.m.20 views

CVE-2023-44108

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...

7.5CVSS7.5AI score0.00395EPSS
Exploits0References2
CVE
CVE
added 2023/10/11 12:8 p.m.70 views

CVE-2023-44108

CVE-2023-44108 is a type confusion vulnerability in Huawei HarmonyOS’s distributed file module. The issue enables exploitation that may cause a device restart/reboot. Affected components and specifics are not enumerated in the provided documents; multiple sources (NVD, CNVD, PRION, CVELIST, VulnE...

7.5CVSS7.4AI score0.00395EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/11 12:8 p.m.15 views

CVE-2023-44108

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...

6.8AI score0.00395EPSS
Exploits0References2
OSV
OSV
added 2023/10/11 11:15 a.m.2 views

CVE-2023-44094

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...

5.3CVSS5.8AI score0.00335EPSS
Exploits0References2
Prion
Prion
added 2023/10/11 11:15 a.m.23 views

Type confusion

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...

5CVSS5.3AI score0.00335EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2023/10/11 10:43 a.m.11 views

CVE-2023-44094

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...

6.8AI score0.00335EPSS
Exploits0References2
CVE
CVE
added 2023/10/11 10:43 a.m.58 views

CVE-2023-44094

CVE-2023-44094 is a type confusion vulnerability in Huawei HarmonyOS’s Distributed Files module. The connected documents indicate the flaw stems from type confusion in the distributed file subsystem, with exploitation potentially causing a device restart/reboot. There are multiple sources (NVD, R...

5.3CVSS5.2AI score0.00335EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/11 12:0 a.m.4 views

PT-2023-29104 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a type confusion vulnerability in the distributed file module. Successful exploitation of this vulnerability may cause the devic...

7.5CVSS6.9AI score0.00395EPSS
Exploits0References5
Rows per page
Query Builder