Lucene search
K

31 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/05/17 9:30 p.m.31 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Commons FileUpload ( CVE-2023-24998)

Summary A vulnerability in Apache Commons FileUpload used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limit the number of request parts to be...

7.5CVSS7.5AI score0.46836EPSS
Exploits1Affected Software1
CVE
CVE
added 2022/09/29 1:20 p.m.57 views

CVE-2022-40407

CVE-2022-40407 concerns Chamilo LMS, affecting version 1.11. The connected documents describe a zip-slip vulnerability in Chamilo’s file-upload function that enables remote code execution via a crafted Zip file. The underlying issue is a zip-slip extraction flaw in the upload handling, leading to...

8.8CVSS8.8AI score0.0123EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/02/21 11:28 a.m.25 views

CVE-2022-24553

An issue was found in Zfaka = 1.4.5. The verification of the background file upload function check is not strict, resulting in remote command execution...

9.9AI score0.0252EPSS
Exploits1References2
NVD
NVD
added 2021/10/08 4:15 p.m.10 views

CVE-2021-41566

The file extension of the TadTools file upload function fails to filter, thus remote attackers can upload any types of files and execute arbitrary code without logging in...

9.8CVSS0.01943EPSS
Exploits0References1
Veracode
Veracode
added 2021/08/26 3:1 a.m.16 views

Cross-site Scripting (XSS)

baserproject/basercms is vulnerable to cross-site scripting. The file upload function on the management system does not escape user-provided data, allowing an attacker to inject and execute malicious javascript...

8.7CVSS3AI score0.00929EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2021/08/25 6:15 p.m.20 views

CVE-2021-39136

baserCMS is an open source content management system with a focus on Japanese language support. In affected versions there is a cross-site scripting vulnerability in the file upload function of the management system of baserCMS. Users are advised to update as soon as possible. No workaround are...

5.4CVSS6AI score
Exploits0References4
Packet Storm
Packet Storm
added 2016/06/23 12:0 a.m.27 views

WordPress Ultimate Product Catalog 3.8.6 Shell Upload

Exploit Title: Wordpress Ultimate-Product-Catalog v3.8.6 Arbitrary file RCE Date: 2016-06-23 Google Dork: Index of /wp-content/plugins/ultimate-product-catalogue/ Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY Vendor Homepage: http://www.EtoileWebDesign.com/ plugin uri:...

0.3AI score
Exploits0
myhack58
myhack58
added 2012/09/13 12:0 a.m.24 views

The hospital was built Station system arbitrary file upload vulnerability-vulnerability warning-the black bar safety net

| Vulnerability file: upfile. aspx I first posted 9 8 line to 1 3 0 lines of code out ,look a bit funny! Google for: inurl:cms/Column. aspx? that inurl:cms/Column. aspx? LMID= too much,your own to find more keywords! | 0 1 | ---|--- 0 2 | function chkform ---|--- 0 3 | ---|--- 0 4 | ---|--- 0 5 |...

7.3AI score
Exploits0
Packet Storm
Packet Storm
added 2010/12/09 12:0 a.m.26 views

Joomla JE Messenger 1.0 Shell Upload

JE Messenger 1.0 Arbitrary File Upload Vulnerability Name JE Messenger Vendor http://joomlaextensions.co.in Versions Affected 1.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-12-09 X. INDEX I. ABOUT THE APPLICATIO...

0.2AI score
Exploits0
0day.today
0day.today
added 2009/04/07 12:0 a.m.21 views

Lanius CMS <= 0.5.2 Remote Arbitrary File Upload Exploit

Exploit for unknown platform in category web applications ======================================================== Lanius CMS = 0.4.6 and Lanius CMS $maxsz 53. return sprintfUPLOADTOOBIG, convertbytes$filesz, convertbytes$maxsz; 54. 55. $thyname = basenameurldecode$FILES$elem'name'; 56. if...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/01/07 12:0 a.m.45 views

EkinBoard 1.1.0 - Arbitrary File Upload / Authentication Bypass

---- EkinBoard Remote File Upload / Auth Bypass ... ITDefence.ru Antichat.ru EkinBoard = 1.1.0 Remote File Upload / Auth Bypass Eugene Minaev [email protected] / \ \ \ / .\ / /// // / \ / \ // / / / /// /\ / / / / // / / / / / /\ / / / / / / / / / / / //\ \ / / / / // / // / /\ / //...

7AI score
Exploits0
Rows per page
Query Builder