Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

25 matches found

RedhatCVE
RedhatCVEadded 2026/05/28 8:13 p.m.9 views

CVE-2026-38807

Insecure Permissions vulnerability in kvf-admin v1.0.0 allows a remote attacker to escalate privileges via the UserController.java component...

8.8CVSS5.8AI score0.00087EPSS
Exploits0References1
NVD
NVDadded 2026/05/27 6:16 p.m.8 views

CVE-2026-38807

Insecure Permissions vulnerability in kvf-admin v1.0.0 allows a remote attacker to escalate privileges via the UserController.java component...

8.8CVSS0.00087EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/05/27 12:0 a.m.5 views

kvf-admin 安全漏洞

kvf-admin is a set of rapid development frameworks, scaffolding, backend management systems, and permission systems developed by KalvinGit’s individual developers. Version 1.1.0 of kvf-admin contains a security vulnerability. This vulnerability stems from improper permission settings in the...

8.8CVSS5.8AI score0.00087EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/05/27 12:0 a.m.7 views

PT-2026-44048

Insecure Permissions vulnerability in kvf-admin v1.0.0 allows a remote attacker to escalate privileges via the UserController.java component...

5.8AI score0.00087EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/05/27 12:0 a.m.7 views

CVE-2026-38807

Insecure Permissions vulnerability in kvf-admin v1.0.0 allows a remote attacker to escalate privileges via the UserController.java component...

5.8AI score0.00087EPSS
Exploits0References2
CVE
CVEadded 2026/05/27 12:0 a.m.9 views

CVE-2026-38807

The CVE-2026-38807 entry concerns an insecure permissions vulnerability in kvf-admin v1.0.0 that enables a remote attacker to escalate privileges via the UserController.java component. Affected software is kvf-admin; the root cause is insecure access control in UserController.java leading to unau...

8.8CVSS5.8AI score0.00087EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/27 12:0 a.m.8 views

CVE-2026-38807

Insecure Permissions vulnerability in kvf-admin v1.0.0 allows a remote attacker to escalate privileges via the UserController.java component...

5.8AI score0.00087EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/27 12:0 a.m.37 views

CVE-2026-38807

Insecure Permissions vulnerability in kvf-admin v1.0.0 allows a remote attacker to escalate privileges via the UserController.java component...

0.00087EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2022-38730

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01773EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 8:15 a.m.1 views

CVE-2024-9291

A vulnerability classified as problematic has been found in kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff. Affected is an unknown function of the file /ueditor/upload?configPath=ueditor/config.json=uploadfile of the component XML File Handler. The manipulation of the argument...

5.4CVSS5.4AI score0.00136EPSS
Exploits1References1
CNVD
CNVDadded 2024/09/30 12:0 a.m.5 views

kvf-admin cross-site scripting vulnerability

kvf-admin is a rapid development framework, scaffolding, backend management system, permission system. kvf-admin cross-site scripting vulnerability , the vulnerability stems from the file / ueditor/upload?configPath=ueditor/config.json&action=uploadfile parameter upfile lack of effective filterin...

5.4CVSS6.4AI score0.00136EPSS
Exploits1References1
OSV
OSVadded 2024/09/27 9:15 p.m.0 views

CVE-2024-9291

A vulnerability classified as problematic has been found in kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff. Affected is an unknown function of the file /ueditor/upload?configPath=ueditor/config.json&action=uploadfile of the component XML File Handler. The manipulation of the...

5.4CVSS3.8AI score
Exploits0References5
NVD
NVDadded 2024/09/27 9:15 p.m.10 views

CVE-2024-9291

A vulnerability classified as problematic has been found in kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff. Affected is an unknown function of the file /ueditor/upload?configPath=ueditor/config.json&action=uploadfile of the component XML File Handler. The manipulation of the...

5.4CVSS0.00136EPSS
Exploits1References5
CVE
CVEadded 2024/09/27 9:0 p.m.43 views

CVE-2024-9291

CVE-2024-9291 concerns kalvinGit kvf-admin (XML File Handler). The vulnerability affects the file "/ueditor/upload?configPath=ueditor/config.json&action=uploadfile" where manipulation of the upfile argument enables cross-site scripting. It can be exploited remotely, and the exploit has been discl...

5.4CVSS4AI score0.00136EPSS
Exploits1References5Affected Software1
OSV
OSVadded 2024/09/27 12:15 p.m.2 views

CVE-2024-9280

A vulnerability has been found in kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff and classified as critical. This vulnerability affects the function fileUpload of the file FileUploadKit.java. The manipulation of the argument file leads to unrestricted upload. The attack can be...

9.8CVSS5.5AI score
Exploits0References4
NVD
NVDadded 2024/09/27 12:15 p.m.7 views

CVE-2024-9280

A vulnerability has been found in kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff and classified as critical. This vulnerability affects the function fileUpload of the file FileUploadKit.java. The manipulation of the argument file leads to unrestricted upload. The attack can be...

9.8CVSS0.00182EPSS
Exploits0References4
Cvelist
Cvelistadded 2024/09/27 12:0 p.m.25 views

CVE-2024-9280 kalvinGit kvf-admin FileUploadKit.java fileUpload unrestricted upload

A vulnerability has been found in kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff and classified as critical. This vulnerability affects the function fileUpload of the file FileUploadKit.java. The manipulation of the argument file leads to unrestricted upload. The attack can be...

5.8CVSS0.00182EPSS
Exploits0References4
CVE
CVEadded 2024/09/27 12:0 p.m.49 views

CVE-2024-9280

CVE-2024-9280 affects kalvinGit kvf-admin (up to commit f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff). The root cause is in FileUploadKit.java: the fileUpload function allows unrestricted uploads by manipulating the file argument, enabling remote exploitation. Public exploit exists. No versioned fix ...

9.8CVSS5.3AI score0.00182EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2024/09/27 12:0 p.m.14 views

CVE-2024-9280 kalvinGit kvf-admin FileUploadKit.java fileUpload unrestricted upload

A vulnerability has been found in kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff and classified as critical. This vulnerability affects the function fileUpload of the file FileUploadKit.java. The manipulation of the argument file leads to unrestricted upload. The attack can be...

5.8CVSS6.9AI score0.00182EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2024/09/27 12:0 a.m.1 views

PT-2024-39546 · Unknown · Kalvingit Kvf-Admin

Name of the Vulnerable Software and Affected Versions: kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff Description: A problematic vulnerability has been found in the XML File Handler component of kalvinGit kvf-admin. The issue affects an unknown function of the file...

5.4CVSS4.3AI score0.00136EPSS
Exploits1References8
Rows per page
Query Builder