Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:36 a.m.7 views

CVE-2021-41764

A cross-site request forgery CSRF vulnerability exists in Streama up to and including v1.10.3. The application does not have CSRF checks in place when performing actions such as uploading local files. As a result, attackers could make a logged-in administrator upload arbitrary local files via a...

8.8CVSS6.8AI score0.00682EPSS
Exploits1References1
NVD
NVD
added 2024/03/21 4:15 a.m.9 views

CVE-2024-22724

An issue was discovered in osCommerce v4, allows local attackers to bypass file upload restrictions and execute arbitrary code via administrator profile photo upload feature...

6.6CVSS7.4AI score0.00309EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/09/06 9:5 p.m.16 views

CVE-2022-36065 GrowthBook account creation and file upload vulnerability in self-hosted configurations

GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations in versions prior to 2022-08-29, attackers can register new accounts and upload files to arbitrary directories within the container. If the attacker uploads a Python script to the righ...

7.5CVSS7.8AI score0.01102EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2021/09/29 8:15 p.m.2 views

CVE-2021-41764

A cross-site request forgery CSRF vulnerability exists in Streama up to and including v1.10.3. The application does not have CSRF checks in place when performing actions such as uploading local files. As a result, attackers could make a logged-in administrator upload arbitrary local files via a...

8.8CVSS7.3AI score0.00682EPSS
Exploits1References4
myhack58
myhack58
added 2011/09/01 12:0 a.m.14 views

Fckeditor local TEST. HTML-vulnerability warning-the black bar safety net

Since the previous storm the TEST. HTML upload 0day later, a lot of webmasters to the TEST. HTML to delete. But upload The file didn't delete it. Such words can be themselves in the construction of one. Below is my collection. Put the following code saved into a TEST. HTML. Then modify it to uplo...

7.3AI score
Exploits0
myhack58
myhack58
added 2011/03/13 12:0 a.m.13 views

DedeCms v5. 6 malicious code execution vulnerability-vulnerability warning-the black bar safety net

Affected version: DedeCms v5. 6 vulnerability description: In the upload software of the Local, the local address not be effectively verified, it can be maliciously used Test method: Registered members, upload software: the local address is filled into a/dede:linkdede:toby57...

1.9AI score
Exploits0
Exploit DB
Exploit DB
added 2010/05/29 12:0 a.m.30 views

Webiz 2004 - Local File Upload

Exploit Title: Webiz local SHELL Upload Vulnerability Date: 23-05-2010 Author: kannibal615 Software Link: N/A Version: 2004 Tested on: PHP CVE : N/A Code : @@ @@ @@@@@@ @@ @@ @@@@ @@@@@@@ @@ @@ @@@@@@@ @@@@@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@@ @@@@@@@@ @@ @@ @@ @@@@ @@@@@@ @@ @...

7.4AI score
Exploits0
myhack58
myhack58
added 2010/03/10 12:0 a.m.26 views

The new cloud 4. 0 registered upload vulnerability-vulnerability warning-the black bar safety net

First download a serawebinfo Put the following configuration file is saved as xunyun. seraph url=http://localhost/users/upload. asp? action=save&ChannelID=1&sType= filefield=File1 filefield2= filename=2 0 0 9 8 1 6 2 3 5 5 4. cer;. gif filename2= local=C:\Documents and Settings\seraph\ 桌面 \1.jpg...

Exploits0
Tenable Nessus
Tenable Nessus
added 2008/08/07 12:0 a.m.257 views

GLSA-200808-03 : Mozilla products: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200808-03 Mozilla products: Multiple vulnerabilities The following vulnerabilities were reported in all mentioned Mozilla products: TippingPoint's Zero Day Initiative reported that an incorrect integer data type is used as a CSS...

10CVSS6.2AI score0.13949EPSS
Exploits5References17
0day.today
0day.today
added 2008/05/29 12:0 a.m.14 views

CMS from Scratch <= 1.1.3 (image.php) Directory Traversal Vulnerability

Exploit for unknown platform in category web applications ======================================================================= CMS from Scratch special THanks to EgiX For founded it :d: Exploit : http://localhost/path/cms/images.php?dir=c: Example :...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2004/10/16 4:0 a.m.28 views

CVE-2004-0959

rfc1867.c in PHP before 5.0.2 allows local users to upload files to arbitrary locations via a PHP script with a certain MIME header that causes the "$FILES" array to be modified...

6.2AI score0.00577EPSS
Exploits0References8
Rows per page
Query Builder