Lucene search
K

133 matches found

NVD
NVD
โ€ขadded 8 hours agoโ€ข6 views

CVE-2026-61457

The Grav API plugin getgrav/grav-plugin-api before 1.0.3 contains a file upload extension bypass in the API media controller. HandlesMediaUploads::validateFileExtension inspects only the final file extension via pathinfo$filename, PATHINFOEXTENSION, so a user with api.media.write permission can...

8.8CVSS
Exploits0References2
RedhatCVE
RedhatCVE
โ€ขadded 2026/06/05 7:13 p.m.โ€ข10 views

CVE-2026-48557

Spatie Laravel Media Library before version 11.23.0 contains a file upload restriction bypass in FileAdder::defaultSanitizer. The sanitizer checks only the final filename suffix, allowing double-extension filenames such as shell.php.jpg to bypass the blocklist, with pathinfo preserving inner .php...

8.8CVSS5.5AI score0.0044EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
โ€ขadded 2026/05/29 7:49 p.m.โ€ข15 views

CVE-2026-48557

Spatie Laravel Media Library before version 11.23.0 contains a file upload restriction bypass in FileAdder::defaultSanitizer. The sanitizer checks only the final filename suffix, allowing double-extension filenames such as shell.php.jpg to bypass the blocklist, with pathinfo preserving inner .php...

8.8CVSS5.8AI score0.0044EPSS
Exploits0References5
CVE
CVE
โ€ขadded 2026/05/29 7:49 p.m.โ€ข57 views

CVE-2026-48557

The CVE affects Spatie Laravel Media Library prior to 11.23.0. In FileAdder::defaultSanitizer(), the file upload filter only checks the final filename suffix, allowing double-extension names like shell.php.jpg to bypass the blocklist, since inner .php stems are preserved by pathinfo(). The blockl...

8.8CVSS5.8AI score0.0044EPSS
Exploits0References4
Cvelist
Cvelist
โ€ขadded 2026/05/29 7:49 p.m.โ€ข43 views

CVE-2026-48557 Spatie Laravel Media Library < 11.23.0 File Upload Restriction Bypass via FileAdder.php

Spatie Laravel Media Library before version 11.23.0 contains a file upload restriction bypass in FileAdder::defaultSanitizer. The sanitizer checks only the final filename suffix, allowing double-extension filenames such as shell.php.jpg to bypass the blocklist, with pathinfo preserving inner .php...

8.8CVSS0.0044EPSS
Exploits0References4
OSV
OSV
โ€ขadded 2026/05/29 7:49 p.m.โ€ข5 views

CVE-2026-48557 Spatie Laravel Media Library < 11.23.0 File Upload Restriction Bypass via FileAdder.php

Spatie Laravel Media Library before version 11.23.0 contains a file upload restriction bypass in FileAdder::defaultSanitizer. The sanitizer checks only the final filename suffix, allowing double-extension filenames such as shell.php.jpg to bypass the blocklist, with pathinfo preserving inner .php...

8.7CVSS5.9AI score0.0044EPSS
Exploits0References7
GithubExploit
GithubExploit
โ€ขadded 2026/05/26 12:50 p.m.โ€ข84 views

Exploit for CVE-2026-5364

CVE-2026-5364 CVE-2026-5364 is a CVSS 8.1 High Unauthenticat...

8.1CVSS5.8AI score0.0106EPSS
Exploits1
Cvelist
Cvelist
โ€ขadded 2026/05/19 9:22 a.m.โ€ข40 views

CVE-2026-31379 Apache OFBiz: Path Traversal and File Upload Validation Bypass Leading to Arbitrary File Write, Stored XSS and RCE in Catalog Manager

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting', Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Improper Control of Generation of Code 'Code Injection' vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06...

0.00588EPSS
Exploits0References1
Cvelist
Cvelist
โ€ขadded 2026/05/08 2:30 p.m.โ€ข36 views

CVE-2026-41308 Password Pusher: JSON API `/p.json` file upload alias bypasses file-push authentication

Password Pusher is an open source application to communicate sensitive information over the web. Prior to versions 1.69.3 and 2.4.2, a security issue in OSS PasswordPusher allowed unauthenticated creation of file-type pushes through a generic JSON API create path under certain configurations. Thi...

6.5CVSS0.00289EPSS
Exploits0References3
OSV
OSV
โ€ขadded 2026/05/05 2:49 p.m.โ€ข3 views

CVE-2026-5766 Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. ASGI requests with a missing or understated Content-Length header can bypass the FILEUPLOADMAXMEMORYSIZE limit, potentially loading large files into memory and causing service degradation. As a reminder, Django expects a limit to ...

6.3CVSS6.9AI score0.00423EPSS
Exploits0References7
Packet Storm
Packet Storm
โ€ขadded 2026/04/27 12:0 a.m.โ€ข87 views

๐Ÿ“„ OWASP CRS 3.3.9 / 4.25.x LTS / 4.8.x File Upload Bypass

This proof of concept demonstrating a weakness in some web applications protected by OWASP Core Rule Set CRS or similar filters, where file upload validation can be bypassed using ambiguous filename formatting...

5.3AI score
Exploits0
GithubExploit
GithubExploit
โ€ขadded 2026/04/26 2:17 a.m.โ€ข140 views

ethical-hacking-ctf

๐Ÿ” Ethical Hacking CTF Writeup Coventry University โ€” 7072SC...

10CVSS7.2AI score0.97485EPSS
Exploits14
GithubExploit
GithubExploit
โ€ขadded 2026/04/24 3:44 p.m.โ€ข173 views

IMF-1-walkthrough

IMF: 1 โ€” Boot2Root Walkthrough Platform: VulnHub Diff...

7.4AI score
Exploits0
GithubExploit
GithubExploit
โ€ขadded 2026/04/23 5:15 a.m.โ€ข128 views

hangover-ctf-wolfpack-deals

๐ŸŽฐ The Hangover CTF โ€” Machine 1: Wolfpack Deals "What happe...

8.8CVSS7.1AI score0.43988EPSS
Exploits27
CVE
CVE
โ€ขadded 2026/04/20 4:23 p.m.โ€ข21 views

CVE-2026-40488

OpenMage LTS (Magento LTS) before 20.17.0 uses an incomplete blocklist (forbidden_extensions = php,exe) for custom option file uploads. This can be bypassed by using alternative PHP executable extensions such as .phtml, .phar, .php3, .php4, .php5, .php7, and .pht, allowing files to be uploaded to...

8.8CVSS6AI score0.00691EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
โ€ขadded 2026/04/20 4:23 p.m.โ€ข34 views

CVE-2026-40488 OpenMage LTS has Customer File Upload Extension Blocklist Bypass that Leads to Remote Code Execution

Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to version 20.17.0, the product custom option file upload in OpenMage LTS uses an incomplete...

8.7CVSS0.00691EPSS
Exploits1References1
NVD
NVD
โ€ขadded 2026/04/18 2:16 a.m.โ€ข7 views

CVE-2026-40487

Postiz is an AI social media scheduling tool. Prior to version 2.21.6, a file upload validation bypass allows any authenticated user to upload arbitrary HTML, SVG, or other executable file types to the server by spoofing the Content-Type header. The uploaded files are then served by nginx with a...

9CVSS0.00224EPSS
Exploits1References2
OSV
OSV
โ€ขadded 2026/04/16 9:49 p.m.โ€ข8 views

GHSA-RH7V-6W34-W2RR Flowise: File Upload Validation Bypass in createAttachment

Summary In FlowiseAI, the Chatflow configuration file upload settings can be modified to allow the application/javascript MIME type. This lets an attacker upload .js files even though the frontend doesnโ€™t normally allow JavaScript uploads. This enables attackers to persistently store malicious...

7.1CVSS5.9AI score0.00472EPSS
Exploits1References3
NVD
NVD
โ€ขadded 2026/04/02 7:21 p.m.โ€ข5 views

CVE-2026-34735

The Hytale Modding Wiki is a free service for Hytale mods to host their documentation & wikis. In version 1.2.0 and prior, the quickUpload endpoint validates uploaded files by checking their MIME type via PHP's finfo, which inspects file contents but constructs the stored filename using the...

8.7CVSS0.00306EPSS
Exploits0References1
Vulnrichment
Vulnrichment
โ€ขadded 2026/04/02 6:23 p.m.โ€ข4 views

CVE-2026-34735 Hytale Modding Vulnerable to Remote Code Execution via File Upload Bypass in `FileController`

The Hytale Modding Wiki is a free service for Hytale mods to host their documentation & wikis. In version 1.2.0 and prior, the quickUpload endpoint validates uploaded files by checking their MIME type via PHP's finfo, which inspects file contents but constructs the stored filename using the...

8.7CVSS6AI score0.00306EPSS
Exploits0References1
Rows per page
Query Builder