Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-1999-0851

Malware in sbrugna...

2.6CVSS6.4AI score0.12536EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-4566

Malware in sbrugna...

6.2CVSS6.4AI score0.01973EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-5537

Malware in sbrugna...

6CVSS6AI score0.01719EPSS
Exploits1References11
Cvelist
Cvelist
added 2025/07/19 9:23 a.m.10 views

CVE-2015-10135 WPshop 2 – E-Commerce < 1.3.9.6 - Arbitrary File Upload

The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajaxUpload function in versions before 1.3.9.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may...

9.8CVSS0.02764EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/06/05 7:16 p.m.19 views

CVE-2025-48953

Umbraco is an ASP.NET content management system CMS. Starting in version 14.0.0 and prior to versions 15.4.2 and 16.0.0, it's possible to upload a file that doesn't adhere with the configured allowable file extensions via a manipulated API request. The issue is patched in versions 15.4.2 and...

5.5CVSS6.7AI score0.00159EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:48 a.m.4 views

CVE-2022-22530

The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to inject dangerous content or malicious code which could result in critical information being...

8.1CVSS8AI score0.00935EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:31 p.m.8 views

CVE-2021-21245

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, AttachmentUploadServlet also saves user controlled data request.getInputStream to a user specified location request.getHeader"File-Name". This issue may lead to arbitrary file upload which can be used to upload a WebShell to...

10CVSS6.9AI score0.01198EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:26 p.m.7 views

CVE-2021-38753

An unrestricted file upload on Simple Image Gallery Web App can be exploited to upload a web shell and executed to gain unauthorized access to the server hosting the web app...

9.8CVSS7.2AI score0.0146EPSS
Exploits1References1
NVD
NVD
added 2025/01/24 4:15 p.m.12 views

CVE-2024-40693

IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. Attackers can make use of this weakness and upload malicious executable files into the system, and it can be sent to victim for performing furth...

8CVSS0.00374EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2022/05/17 4:43 a.m.16 views

TYPO3 doesn't properly check file extensions

The 1 file upload component and 2 File Abstraction Layer FAL in TYPO3 6.0.x before 6.0.8 and 6.1.x before 6.1.3 do not properly check file extensions, which allow remote authenticated editors to execute arbitrary PHP code by uploading a .php file...

6.5CVSS7.4AI score0.01151EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2020/10/16 2:3 p.m.129 views

CVE-2020-24408

CVE-2020-24408 affects Magento 2.4.0 and 2.3.5p1 (and earlier); it is a stored/persistent XSS in the file upload component that allows an unauthenticated attacker to have their injected JavaScript executed in other users’ contexts once a victim browses the uploaded file. The description in the co...

6.1CVSS6.2AI score0.01741EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2016/08/01 12:0 a.m.22 views

Adblock Blocker 0.0.1 - Arbitrary File Upload

The addblockblocker WordPress plugin was affected by an Arbitrary File Upload security vulnerability...

2.5AI score
Exploits0References1Affected Software1
NVD
NVD
added 2004/12/06 5:0 a.m.16 views

CVE-2004-0614

osTicket trusts a hidden form field in the submit form to limit the upload size of a document, which could allow remote attackers to upload a file of any size...

6.4CVSS6.7AI score0.01194EPSS
Exploits0References2
Rows per page
Query Builder