Lucene search
K

8 matches found

NVD
NVD
added 2026/01/28 9:16 p.m.5 views

CVE-2026-1532

A vulnerability was identified in D-Link DCS-700L 1.03.09. The affected element is the function uploadmusic of the file /setUploadMusic of the component Music File Upload Service. The manipulation of the argument UploadMusic leads to path traversal. The attack can only be initiated within the loc...

5.5CVSS0.00714EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/01/28 8:32 p.m.4 views

CVE-2026-1532

A vulnerability was identified in D-Link DCS-700L 1.03.09. The affected element is the function uploadmusic of the file /setUploadMusic of the component Music File Upload Service. The manipulation of the argument UploadMusic leads to path traversal. The attack can only be initiated within the loc...

4.8CVSS5.6AI score0.00714EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/28 12:0 a.m.8 views

PT-2026-5216

Name of the Vulnerable Software and Affected Versions D-Link DCS-700L version 1.03.09 Description A path traversal issue exists in the Music File Upload Service component of D-Link DCS-700L. The issue is located in the uploadmusic function of the /setUploadMusic file. Manipulation of the...

4.8CVSS5.8AI score0.00714EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/11 6:30 p.m.6 views

EUVD-2025-33868

A weakness has been identified in harry0703 MoneyPrinterTurbo up to 1.2.6. The impacted element is the function uploadmusic of the file app/controllers/v1/music.py of the component API Endpoint. Executing manipulation of the argument File can lead to path traversal. The attack may be performed fr...

6.5CVSS6.2AI score0.00418EPSS
Exploits0References5
NVD
NVD
added 2025/10/11 5:15 p.m.6 views

CVE-2025-11607

A weakness has been identified in harry0703 MoneyPrinterTurbo up to 1.2.6. The impacted element is the function uploadmusic of the file app/controllers/v1/music.py of the component API Endpoint. Executing a manipulation of the argument File can lead to path traversal. The attack may be performed...

8.8CVSS0.00418EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-3366

Malware in sbrugna...

7CVSS6.9AI score0.00708EPSS
Exploits0References2
Prion
Prion
added 2017/07/30 6:29 p.m.17 views

Code injection

In Earcms Ear Music through 4.1 build 20170710, remote authenticated users can execute arbitrary PHP code by changing the allowable music-upload extensions to include .php in addition to .mp3 and .m4a in admin.php?iframe=configupload, and then using user.php/music/add/ to upload the code...

6CVSS7AI score0.00708EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/07/30 6:0 p.m.26 views

CVE-2017-11756

In Earcms Ear Music through 4.1 build 20170710, remote authenticated users can execute arbitrary PHP code by changing the allowable music-upload extensions to include .php in addition to .mp3 and .m4a in admin.php?iframe=configupload, and then using user.php/music/add/ to upload the code...

7.1AI score0.00708EPSS
Exploits0References1
Rows per page
Query Builder