Lucene search
K

1957 matches found

NVD
NVD
added yesterday4 views

CVE-2026-22102

A POST request sent to a specific webserver endpoint can be used to write to arbitrary file locations. The endpoint accepts the filename parameter in the Content-Disposition header without verification. This can be used to cause a denial of service by overwriting system files, or...

9.3CVSS0.00431EPSS
Exploits0References1
CVE
CVE
added 4 days ago10 views

CVE-2026-41877

CVE-2026-41877 affects R-SOFT DMS. It is a Stored XSS in the file upload functionality: an authenticated attacker could inject arbitrary HTML/JS into the uploaded file’s name, which would be executed when other users view the file list or upload status. The issue has been fixed in version v3.19-2...

5.1CVSS6.2AI score0.0039EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago35 views

CVE-2026-11571 Everest Forms < 3.5.0 - Unauthenticated Sensitive Information Exposure via Residual CSV Artifacts

The Everest Forms WordPress plugin before 3.5.0 does not reliably delete temporary CSV files generated during email-notification processing and leaves them publicly accessible in the uploads directory, allowing unauthenticated attackers to retrieve other users' form submission records via...

0.00256EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago38 views

CVE-2026-60102 Horde VFS < 3.0.1 OS Command Injection via Horde_Vfs_Smb Driver

Horde Virtual File System VFS API before 3.0.1 contains an OS command injection vulnerability in the HordeVfsSmb driver where the escapeShellCommand method fails to sanitize command substitution sequences, allowing authenticated attackers to inject arbitrary shell commands through user-controlled...

8.8CVSS0.01803EPSS
Exploits0References4
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42340

Horde Virtual File System VFS API before 3.0.1 contains an OS command injection vulnerability in the HordeVfsSmb driver where the escapeShellCommand method fails to sanitize command substitution sequences, allowing authenticated attackers to inject arbitrary shell commands through user-controlled...

8.8CVSS6.2AI score0.01803EPSS
Exploits0References4
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-49147 App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes

App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...

0.00329EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago4 views

EUVD-2026-42275

App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...

7.5CVSS5.9AI score0.00329EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 6 days ago10 views

CVE-2026-49147

App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...

7.5CVSS5.9AI score0.00329EPSS
Exploits0
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-42233

Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthenticated arbitrary file upload vulnerability that allows attackers to upload executable files by bypassing extension validation in the saveattachments function exposed through the Advanced Reviews feature. Attackers can...

9.8CVSS6.4AI score0.00605EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 6 days ago8 views

PT-2026-56520

Name of the Vulnerable Software and Affected Versions Horde Virtual File System VFS API versions prior to 3.0.1 Description The Horde Vfs Smb driver contains an OS command injection flaw where the escapeShellCommand method does not properly sanitize command substitution sequences. Authenticated...

8.8CVSS6.2AI score0.01803EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 6 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-58471

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability in the convertfname function within src/url.c that allows remote...

7.1CVSS6.3AI score0.00221EPSS
Exploits0References4
NVD
NVD
added last week9 views

CVE-2026-58471

GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability in the convertfname function within src/url.c that allows remote attackers to trigger memory corruption through a server-supplied filename requiring character set conversion. When the output buffer is...

7.1CVSS0.00221EPSS
Exploits0References2
NVD
NVD
added 2026/07/07 12:16 a.m.10 views

CVE-2026-53648

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.1, downloadable product files are stored using a deterministic filename-derived path. When an administrator uploads a file for a downloadable product, FOSSBilling stores the file as md5 under the uploads...

5.1CVSS0.00264EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 11:12 p.m.13 views

CVE-2026-53648

FOSSBilling prior to v0.8.1 stores downloadable product files with a deterministic path md5(), so files with identical names between different products/orders map to the same stored path and can be overwritten by later uploads. This leads to customers/admins downloading the wrong file. Version 0....

5.1CVSS5.9AI score0.00264EPSS
Exploits0References1
NVD
NVD
added 2026/07/06 9:16 p.m.10 views

CVE-2026-57571

Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, when the crawler saves a downloaded file, the destination filename was taken from attacker-influenced input and joined to the downloads directory with no confinement. A filename containing an absolute path or travers...

9.6CVSS0.00502EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:9 p.m.6 views

CVE-2026-57571

Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, when the crawler saves a downloaded file, the destination filename was taken from attacker-influenced input and joined to the downloads directory with no confinement. A filename containing an absolute path or travers...

9.6CVSS6.4AI score0.00502EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/06/29 1:47 p.m.33 views

CVE-2026-56124 phpUploader < 2.0.2 Unauthenticated Database Exposure via index model

phpUploader before 2.0.2 contains an unauthenticated information disclosure vulnerability that allows remote attackers to access the full contents of the uploaded-files database table by visiting any page of the application. The index model executes an unbounded SELECT query and embeds the comple...

8.7CVSS0.00365EPSS
Exploits0References4
OSV
OSV
added 2026/06/29 11:50 a.m.4 views

PYSEC-2026-342 Malicious Long Unicode filenames may cause a Multiple Application-level Denial of Service

Important: Exploiting this vulnerability requires the attacker to have access to your Frigate instance, which means they could also just delete all of your recordings or perform any other action. If you have configured authentication in front of Frigate via a reverse proxy, then this vulnerabilit...

9.3CVSS5.8AI score0.00767EPSS
Exploits0References12
OSV
OSV
added 2026/06/29 9:16 a.m.5 views

UBUNTU-CVE-2026-57966

A path traversal vulnerability was found in spice-vdagent. This flaw allows a malicious or compromised SPICE host to write arbitrary files to any location on the guest operating system. This occurs because the filename provided by the SPICE host during file transfers is not properly sanitized...

4.4CVSS5.9AI score0.00135EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/29 7:53 a.m.8 views

EUVD-2026-40050

A path traversal vulnerability was found in spice-vdagent. This flaw allows a malicious or compromised SPICE host to write arbitrary files to any location on the guest operating system. This occurs because the filename provided by the SPICE host during file transfers is not properly sanitized...

4.4CVSS5.9AI score0.00135EPSS
Exploits0References2
Rows per page
Query Builder