Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.6 views

PT-2025-52069

Name of the Vulnerable Software and Affected Versions AncoraThemes Integro versions through 1.8.0 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion ...

8.2CVSS6.4AI score0.00415EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 1:19 a.m.6 views

CVE-2022-3124

The Frontend File Manager Plugin WordPress plugin before 21.3 allows any unauthenticated user to rename uploaded files from users. Furthermore, due to the lack of validation in the destination filename, this could allow allow them to change the content of arbitrary files on the web server...

5.3CVSS6.9AI score0.06199EPSS
Exploits2References1
OSV
OSV
added 2022/11/16 11:15 p.m.3 views

CVE-2022-44006

An issue was discovered in BACKCLICK Professional 5.9.63. Due to improper validation or sanitization of upload filenames, an externally reachable, unauthenticated update function permits writing files outside the intended target location. Achieving remote code execution is possible, e.g., by...

9.8CVSS6.3AI score0.01877EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.4 views

Online Fire Reporting System 安全漏洞

Online Fire Reporting System is an online fire reporting system from Carlo Montero's personal developer. v1.0 of Online Fire Reporting System is vulnerable to an arbitrary file deletion vulnerability, which originates in /ofrs/classes/Master.php?f= deleteimg lacks valid validation for filenames,...

6.5CVSS5.8AI score0.00928EPSS
Exploits1References2
Rows per page
Query Builder