Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

ATTACKERKB
ATTACKERKBadded 2026/03/06 12:18 p.m.2 views

CVE-2018-25162

2-Plan Team 1.0.4 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload executable PHP files by sending multipart form data to managefile.php. Attackers can upload PHP files through the userfile1 parameter with action=upload, which are stored in the files...

7.1CVSS6.2AI score0.00116EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2026/03/06 12:18 p.m.6 views

CVE-2018-25162

CVE-2018-25162 affects 2-Plan Team 1.0.4. An authenticated attacker can upload executable PHP files via managefile.php, by sending multipart form data with action=upload and the userfile1 parameter. Uploaded PHP files are stored in the files directory and may be executed by the web server, enabli...

7.1CVSS6.2AI score0.00116EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2020-5896

Malware in sbrugna...

6.1CVSS6.3AI score0.00359EPSS
Exploits1References3
NVD
NVDadded 2020/08/31 3:15 p.m.15 views

CVE-2020-13655

An issue was discovered in Collabtive 3.0 and later. managefile.php is vulnerable to XSS: when the action parameter is set to movefile and the id parameter corresponds to a project the current user has access to, the file and target parameters are reflected...

6.1CVSS6.2AI score0.00359EPSS
Exploits1References2
UbuntuCve
UbuntuCveadded 2020/08/31 3:15 p.m.24 views

CVE-2020-13655

An issue was discovered in Collabtive 3.0 and later. managefile.php is vulnerable to XSS: when the action parameter is set to movefile and the id parameter corresponds to a project the current user has access to, the file and target parameters are reflected...

6.1CVSS6.4AI score0.00359EPSS
Exploits1References3
Cvelist
Cvelistadded 2020/08/31 2:19 p.m.15 views

CVE-2020-13655

An issue was discovered in Collabtive 3.0 and later. managefile.php is vulnerable to XSS: when the action parameter is set to movefile and the id parameter corresponds to a project the current user has access to, the file and target parameters are reflected...

6.2AI score0.00359EPSS
Exploits1References2
Prion
Prionadded 2009/08/12 10:30 a.m.6 views

Unrestricted file upload

Unrestricted file upload vulnerability in Collabtive 0.4.8 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension and using a text/plain MIME type, then accessing it via a direct request to the file in files/, related to 1 the showproject acti...

6.5CVSS7.9AI score0.02054EPSS
Exploits0References4Affected Software1
NVD
NVDadded 2009/08/12 10:30 a.m.7 views

CVE-2008-6948

Unrestricted file upload vulnerability in Collabtive 0.4.8 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension and using a text/plain MIME type, then accessing it via a direct request to the file in files/, related to 1 the showproject acti...

6.5CVSS7.3AI score0.02054EPSS
Exploits0References4
Rows per page
Query Builder