CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An arbitrary file upload vulnerability in the isallowedfiletype function of Filemanager v2.3.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

9.8CVSS7.5AI score0.01447EPSS

Exploits1References1

RedhatCVE•added 2025/06/27 3:17 p.m.•2 views

CVE-2021-4457

The ZoomSounds plugin before 6.05 contains a PHP file allowing unauthenticated users to upload an arbitrary file anywhere on the web server...

9.1CVSS7.5AI score0.00405EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 6:46 a.m.•3 views

CVE-2024-52779

DCME-320 =7.4.12.90, DCME-520 =9.25.5.11, DCME-320-L =9.3.5.26, and DCME-720 =9.1.5.11 are vulnerable to Remote Code Execution via /function/audit/newstatistics/monstattop10.php...

9.8CVSS9.7AI score0.02736EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 12:27 a.m.•6 views

CVE-2022-48006

An arbitrary file upload vulnerability in taocms v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is exploited via manipulation of the upext variable at /include/Model/Upload.php...

9.8CVSS7.8AI score0.0076EPSS

Exploits1

RedhatCVE•added 2025/05/23 12:1 a.m.•4 views

CVE-2022-43061

Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /operations/travellers.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

7.2CVSS8.2AI score0.00991EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 11:57 p.m.•4 views

CVE-2022-43234

An arbitrary file upload vulnerability in the /attachments component of Hoosk v1.8 allows attackers to execute arbitrary code via a crafted PHP file...

9.8CVSS7.8AI score0.00801EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by