Lucene search
K

9 matches found

Nuclei
Nuclei
added 2026/06/16 7:13 a.m.111 views

FortiLogger 4.4.2.2 - Arbitrary File Upload

FortiLogger 4.4.2.2 is affected by arbitrary file upload issues. Attackers can send a "Content-Type: image/png" header to Config/SaveUploadedHotspotLogoFile and then Assets/temp/hotspot/img/logohotspot.asp. id: CVE-2021-3378 info: name: FortiLogger 4.4.2.2 - Arbitrary File Upload author:...

9.8CVSS8.5AI score0.97512EPSS
Exploits8References5
NVD
NVD
added 2026/05/16 4:16 p.m.11 views

CVE-2020-37227

HS Brand Logo Slider 2.1 contains an unrestricted file upload vulnerability that allows authenticated users to bypass client-side file extension validation by uploading arbitrary files. Attackers can intercept upload requests to the logoupload parameter in the admin interface and rename files to...

8.8CVSS0.00541EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/16 3:25 p.m.10 views

EUVD-2020-31228

HS Brand Logo Slider 2.1 contains an unrestricted file upload vulnerability that allows authenticated users to bypass client-side file extension validation by uploading arbitrary files. Attackers can intercept upload requests to the logoupload parameter in the admin interface and rename files to...

8.8CVSS6.3AI score0.00541EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/16 3:25 p.m.7 views

CVE-2020-37227

HS Brand Logo Slider 2.1 contains an unrestricted file upload vulnerability that allows authenticated users to bypass client-side file extension validation by uploading arbitrary files. Attackers can intercept upload requests to the logoupload parameter in the admin interface and rename files to...

8.8CVSS6.3AI score0.00541EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/16 3:25 p.m.18 views

CVE-2020-37227

HS Brand Logo Slider 2.1 (a WordPress plugin) has an unrestricted file upload vulnerability. Authenticated users can bypass client-side extension checks by targeting the logoupload parameter in the admin interface and rename uploaded files to executable extensions such as .php, enabling remote co...

8.8CVSS6.3AI score0.00541EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/16 3:25 p.m.39 views

CVE-2020-37227 WordPress Plugin HS Brand Logo Slider 2.1 Unrestricted File Upload

HS Brand Logo Slider 2.1 contains an unrestricted file upload vulnerability that allows authenticated users to bypass client-side file extension validation by uploading arbitrary files. Attackers can intercept upload requests to the logoupload parameter in the admin interface and rename files to...

8.8CVSS0.00541EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/16 3:25 p.m.8 views

CVE-2020-37227 WordPress Plugin HS Brand Logo Slider 2.1 Unrestricted File Upload

HS Brand Logo Slider 2.1 contains an unrestricted file upload vulnerability that allows authenticated users to bypass client-side file extension validation by uploading arbitrary files. Attackers can intercept upload requests to the logoupload parameter in the admin interface and rename files to...

8.8CVSS6.3AI score0.00541EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/16 12:0 a.m.12 views

PT-2026-41427

HS Brand Logo Slider 2.1 contains an unrestricted file upload vulnerability that allows authenticated users to bypass client-side file extension validation by uploading arbitrary files. Attackers can intercept upload requests to the logoupload parameter in the admin interface and rename files to...

8.8CVSS6.3AI score0.00541EPSS
Exploits0References5
CNVD
CNVD
added 2020/10/26 12:0 a.m.2 views

WordPress Plugin HS Brand Logo Slider 'logoupload' File Upload Vulnerability

WordPress is a blogging platform based on the PHP language, which can be used to set up a website on a server that supports PHP and MySQL databases, and can also be used as a content management system CMS. A file upload vulnerability exists in the WordPress plugin HS Brand Logo Slider 'logoupload...

6.8AI score
Exploits0References1
Rows per page
Query Builder