Lucene search
K

113 matches found

NVD
NVD
added 2026/07/06 8:16 a.m.9 views

CVE-2026-6382

The FileOrganizer WordPress plugin before 1.1.9, Advanced File Manager WordPress plugin before 5.4.12, File Manager Pro WordPress plugin before 2.1.1, File Manager WordPress plugin before 8.0.4 do not properly escape a parameter before passing it to a shell command when processing image operation...

9.1CVSS0.00902EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 6:0 a.m.18 views

CVE-2026-6382

The CVE affects multiple elFinder-based WordPress plugins: FileOrganizer (before 1.1.9), Advanced File Manager (before 5.4.12), File Manager Pro (before 2.1.1), and File Manager (before 8.0.4). The root cause is improper escaping of a parameter passed to a shell command during image operations, e...

9.1CVSS6AI score0.00902EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 6:0 a.m.5 views

EUVD-2026-41812

The FileOrganizer WordPress plugin before 1.1.9, Advanced File Manager WordPress plugin before 5.4.12, File Manager Pro WordPress plugin before 2.1.1, File Manager WordPress plugin before 8.0.4 do not properly escape a parameter before passing it to a shell command when processing image operation...

9.1CVSS6AI score0.00902EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/05 10:10 p.m.1 views

Directory Traversal

Overview phpbb/phpbb is a Forum Software application. Affected versions of this package are vulnerable to Directory Traversal via the plupload process and the phar:// stream wrapper. An attacker can execute arbitrary code by uploading a crafted archive containing serialized PHP objects that are...

8.8CVSS6.5AI score0.00183EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/05 9:30 p.m.5 views

EUVD-2019-20103

phpBB contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by exploiting the plupload functionality and phar:// stream wrapper. Attackers can upload a crafted zip file containing serialized PHP objects that execute arbitrary code when...

8.8CVSS6.3AI score0.00183EPSS
Exploits0References3
NVD
NVD
added 2026/04/05 9:16 p.m.6 views

CVE-2019-25685

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

0.00183EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/05 8:45 p.m.33 views

CVE-2019-25685

...

0.00183EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/05 8:45 p.m.2 views

CVE-2019-25685

...

5.7AI score0.00183EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/05 8:45 p.m.3 views

CVE-2019-25685

phpBB contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by exploiting the plupload functionality and phar:// stream wrapper. Attackers can upload a crafted zip file containing serialized PHP objects that execute arbitrary code when...

8.8CVSS6.3AI score0.00183EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/04/05 8:45 p.m.17 views

CVE-2019-25685

CVE-2019-25685 is rejected/not used; this CVE ID is not an active vulnerability entry.

6.3AI score0.00183EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.17 views

PT-2026-30493

phpBB contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by exploiting the plupload functionality and phar:// stream wrapper. Attackers can upload a crafted zip file containing serialized PHP objects that execute arbitrary code when...

8.8CVSS6.3AI score0.00183EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/16 12:24 a.m.12 views

CVE-2025-67079

File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via crafted PDF file to the file upload and thumbnail functions...

9.8CVSS7.5AI score0.00381EPSS
Exploits0References1
NVD
NVD
added 2026/01/15 4:16 p.m.11 views

CVE-2025-67079

File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via crafted PDF file to the file upload and thumbnail functions...

9.8CVSS0.00381EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/15 12:0 a.m.30 views

CVE-2025-67079

File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via crafted PDF file to the file upload and thumbnail functions...

0.00381EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/15 12:0 a.m.9 views

EUVD-2026-2759

File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via crafted PDF file to the file upload and thumbnail functions...

9.8CVSS7AI score0.00381EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/15 12:0 a.m.3 views

CVE-2025-67079

File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via crafted PDF file to the file upload and thumbnail functions...

7.2AI score0.00381EPSS
Exploits0References2
CVE
CVE
added 2026/01/15 12:0 a.m.16 views

CVE-2025-67079

CVE-2025-67079 describes a file upload vulnerability in Omnispace Agora Project prior to 25.10. The issue allows code execution via the MSL engine of the Imagick library when a crafted PDF is uploaded through the file upload and thumbnail functions. The underlying cause is misuse in handling craf...

9.8CVSS7.2AI score0.00381EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.46 views

PT-2026-3024

Name of the Vulnerable Software and Affected Versions Omnispace Agora Project versions prior to 25.10 Description A file upload issue exists in Omnispace Agora Project. Attackers can potentially execute code by uploading a specially crafted PDF file. This is possible through the MSL engine of the...

9.8CVSS7AI score0.00381EPSS
Exploits0References8
OSV
OSV
added 2026/01/15 12:0 a.m.5 views

CVE-2025-67079

File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via crafted PDF file to the file upload and thumbnail functions...

9.8CVSS5.8AI score0.00381EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-2745

Malware in sbrugna...

9.8CVSS7.1AI score0.01972EPSS
Exploits0References15
Rows per page
Query Builder