Lucene search
+L

8984 matches found

Nuclei
Nuclei
added yesterday37 views

Avid NEXIS Agent - Arbitrary File Read

Avid NEXIS E-series, F-series, PRO+, and System Director Appliance SDA+ before 2025.5.1 contain an unauthenticated arbitrary file read caused by improper validation of the filename parameter, letting unauthenticated attackers read sensitive files, exploit requires no authentication. id:...

8.7CVSS8.6AI score0.01083EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday13 views

Langflow <= 1.8.4 - Path Traversal to RCE via File Upload

The application contains a path traversal vulnerability caused by unsanitized 'filename' parameter in the 'POST /api/v2/files' multipart form data, letting attackers write files to arbitrary filesystem locations, exploit requires crafted request. id: CVE-2026-5027 info: name: Langflow = 1.8.4 -...

8.8CVSS5.7AI score0.31405EPSS
Exploits4References3
Nuclei
Nuclei
added yesterday22 views

CodiMD <2.5.4 - Insecure Filename Randomization

CodiMD does not require valid authentication to access uploaded images or to upload new image data. An attacker who can determine an uploaded image's URL can gain unauthorised access to uploaded image data. Due to the insecure random filename generation in the underlying Formidable library, an...

5.3CVSS5.4AI score0.01158EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday102 views

ESAFENET CDG - Arbitrary File Download

ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via the fileName parameter in download.jsp because the InstallationPack parameter is mishandled in a /CDGServer3/ClientAjax request. id: CVE-2019-9632 info: name: ESAFENET CDG - Arbitrary File Download author: pdteam severity: hi...

7.5CVSS7.5AI score0.39885EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday32 views

Movies <= 0.6 - Cross-Site Scripting

A cross-site scripting vulnerability in the Movies plugin 0.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php. id: CVE-2014-4539 info: name: Movies = 0.6 - Cross-Site Scripting author: daffainfo...

6.1CVSS6.1AI score0.03983EPSS
Exploits2References4
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-44023 Docling Core has unsafe remote filename resolution

Docling Core defines core data types and transformations for the document processing application Docling. In versions 1.5.0 and above, prior to 2.74.1, docling-core did not sufficiently restrict remote request destinations and could resolve a server-provided Content-Disposition to a local path in...

8.6CVSS0.00286EPSS
Exploits0References2
CVE
CVE
added 2 days ago30 views

CVE-2026-44023

Docling Core (docling-core) versions &gt;= 1.5.0 and = 2.74.1 is recommended. If upgrading isn’t immediately possible, a workaround is to avoid passing untrusted URLs into remote fetch functionality. There is no exploitation detail in the provided documents, and no in‑the‑wild exploit information...

8.6CVSS6.1AI score0.00286EPSS
Exploits0References2
OSV
OSV
added 2 days ago6 views

CVE-2026-46336 Manyfold: Authenticated Path Traversal via File Rename

Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. From 0.96.0 until 0.140.0, authenticated users can rename uploaded files with path traversal sequences because app/models/modelfile.rb uses the user-controlled...

7.1CVSS6.1AI score0.00332EPSS
Exploits0References6
CVE
CVE
added 2 days ago91 views

CVE-2026-47729

CVE-2026-47729 affects Squid, a web caching proxy. Before 7.6, the FTP gateway (src/clients/FtpGateway.cc) could perform an out-of-bounds read when a directory listing entry date in TypeA/TypeB formats wasn’t followed by a filename, allowing memory disclosure from unrelated transactions. The issu...

6.5CVSS6.6AI score0.01907EPSS
Exploits1References5
CVE
CVE
added 3 days ago10 views

CVE-2026-52891

Wekan prior to v9.07 is vulnerable to command execution via avatar upload. The avatar filename is embedded in shell commands in models/avatars.js and models/fileValidation.js, allowing shell metacharacters (e.g., ` and $( ) to run commands on the server through child_process.exec(). Impact: high ...

9.9CVSS6.2AI score0.00403EPSS
Exploits0References3
NVD
NVD
added 4 days ago8 views

CVE-2026-12511

The AI Engine WordPress plugin before 3.5.5 does not sanitize a user-supplied filename before using it to write a downloaded file, allowing authenticated users with editor-level access to write attacker-controlled bytes to an arbitrary location on the server via path traversal...

8.1CVSS0.00304EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-43626

The AI Engine WordPress plugin before 3.5.5 does not sanitize a user-supplied filename before using it to write a downloaded file, allowing authenticated users with editor-level access to write attacker-controlled bytes to an arbitrary location on the server via path traversal...

8.1CVSS6.2AI score0.00304EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago3 views

CVE-2026-12511

The AI Engine WordPress plugin before 3.5.5 does not sanitize a user-supplied filename before using it to write a downloaded file, allowing authenticated users with editor-level access to write attacker-controlled bytes to an arbitrary location on the server via path traversal...

8.1CVSS6.2AI score0.00304EPSS
Exploits0References1
OSV
OSV
added 5 days ago4 views

CVE-2026-49972 Laravel-Mediable < 7.0.0 File Upload RCE via Extension Bypass

Laravel-Mediable before 7.0.0 contains a file upload vulnerability that allows unauthenticated attackers to achieve remote code execution by uploading a file with an embedded PHP extension disguised within a double extension such as shell.php.jpg. The PATHINFOFILENAME extraction preserves the inn...

7.7CVSS6.5AI score0.00777EPSS
Exploits0References6
NVD
NVD
added 5 days ago5 views

CVE-2026-57805

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Tonda tonda allows PHP Local File Inclusion.This issue affects Tonda: from n/a through = 2.5...

7.5CVSS0.00496EPSS
Exploits0References1
NVD
NVD
added 5 days ago7 views

CVE-2026-57799

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in uxper Nuss nuss allows PHP Local File Inclusion.This issue affects Nuss: from n/a through = 1.3.6...

7.5CVSS0.00496EPSS
Exploits0References1
NVD
NVD
added 5 days ago7 views

CVE-2026-57801

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes SetSail setsail allows PHP Local File Inclusion.This issue affects SetSail: from n/a through = 2.1...

7.5CVSS0.00496EPSS
Exploits0References1
NVD
NVD
added 5 days ago6 views

CVE-2026-57804

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows PHP Local File Inclusion.This issue affects TheGem Theme Elements for Elementor: from n/a through...

7.5CVSS0.00496EPSS
Exploits0References1
NVD
NVD
added 5 days ago7 views

CVE-2026-57796

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in VLThemes Leedo leedo allows PHP Local File Inclusion.This issue affects Leedo: from n/a through = 3.0.0...

7.5CVSS0.00496EPSS
Exploits0References1
NVD
NVD
added 5 days ago4 views

CVE-2026-57743

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows PHP Local File Inclusion.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

8.1CVSS0.00415EPSS
Exploits0References1
Rows per page
Query Builder