Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.7 views

PT-2026-33506

Name of the Vulnerable Software and Affected Versions Stirling-PDF versions prior to 2.0.0 Description File upload endpoints render user-supplied filenames directly into HTML using unsafe methods such as innerHTML without sanitization. This allows an attacker to craft a file with a malicious...

6.1CVSS5.8AI score0.00168EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/07/15 12:0 a.m.31 views

openSUSE 15 Security Update : python-Django (SUSE-SU-2023:2839-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2839-1 advisory. - CVE-2023-31047: Fixed a potential bypass of validation when uploading multiple files using one form field bsc1210866. - CVE-2023-36053: Fixed...

9.8CVSS6.9AI score0.02669EPSS
Exploits0References7
seebug.org
seebug.org
added 2015/12/28 12:0 a.m.86 views

金蝶某系统存在任意文件上传漏洞可威胁内网

简要描述: 上传绕过,可内网才是关键 详细说明: WooYun: 某大型在线考试系统通用型任意文件上传(涉及银行、证卷等企业) 问题发生后,是有进行相应的修补,但修补的有问题,限制了对jsp马的上传,但jspx毫无限制 上传jsp直接报错 但是jspx就 http://exam.kingdee.com/mana/edit/attachupload.jsp 可直接上传jspx马 上传成功后直接查看源代码获取shell地址 漏洞证明:...

7.1AI score
Exploits0
0day.today
0day.today
added 2011/05/04 12:0 a.m.36 views

Bitweaver 2.x (FCKeditor) Multiple Arbitrary Shell Upload

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
0day.today
0day.today
added 2011/05/02 12:0 a.m.190 views

WysGui <= 2.3 (FCKeditor) Multiple Upload Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
0day.today
0day.today
added 2011/04/27 12:0 a.m.22 views

Ariadne <= 2.7.4 Multiple Upload Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
0day.today
0day.today
added 2011/04/26 12:0 a.m.4716 views

deV!L`z Clanportal (DZCP 1.5.5.2) Multiple Upload Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/02/27 12:0 a.m.84 views

MTCMS multiple upload vulnerabilities

avatar upload vulnerability: upload any kind of file in: site.com/MTCMS-V2.2/?a=gallery&b=adddown and approuved or not it will be here : /uploads/pictures/ same thing for : add link /index.php?a=links&b=addlink xss permanent on Contact Us : message & title fields are vulnerable to an xss attack...

1.9AI score
Exploits0
Rows per page
Query Builder