Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Positive Technologies
Positive Technologiesadded 2026/01/13 12:0 a.m.3 views

PT-2026-2383

Name of the Vulnerable Software and Affected Versions e107 CMS version 3.2.1 Description e107 CMS version 3.2.1 has a file upload issue. Authenticated administrative users can bypass upload restrictions and execute PHP files. An attacker can upload malicious PHP files to parent directories by...

8.8CVSS8.2AI score0.00598EPSS
Exploits1References6
Exploit DB
Exploit DBadded 2025/04/11 12:0 a.m.169 views

flatCore 1.5 - Cross Site Request Forgery (CSRF)

Exploit Title: flatCore 1.5 - Cross Site Request Forgery CSRF Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/flatCore/flatCore-CMS Software Link: https://github.com/flatCore/flatCore-CMS Version: d3a5168 Tested on: Ubuntu Windows CVE : CVE-2019-13961 PoC: CSRF PoC...

8.8CVSS8.9AI score0.00484EPSS
Exploits4
Packet Storm
Packet Stormadded 2024/09/11 12:0 a.m.306 views

Queuing Simple Chatbot 1.0 Shell Upload

============================================================================================================================================= | Title : Queuing Simple Chatbot 1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Stormadded 2015/09/16 12:0 a.m.28 views

ZeusCart 4.0 Code Execution

ZeusCart 4.0: Code Execution Security Advisory – Curesec Research Team 1. Introduction Affected Product: ZeusCart 4.0 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to vendor: 08/13/2015 Disclose...

7.4AI score
Exploits0
0day.today
0day.todayadded 2014/04/23 12:0 a.m.35 views

No-CMS 0.6.6 rev 1 - Admin Account Hijacking / RCE Exploit via Static Encryption Key

Exploit for php platform in category web applications ?php / Static encryptionkey of No-CMS lead to Session Array Injection in order to hijack administrator account then you will be able for upload php files to server via theme/module upload. This exploit generates cookie for administrator access...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2014/04/22 12:0 a.m.51 views

No-CMS 0.6.6 Rev 1 Account Hijack / Remote Command Execution

mcryptexists = functionexists'mcryptencrypt';...

0.7AI score
Exploits0
0day.today
0day.todayadded 2012/04/22 12:0 a.m.29 views

Web2bizz Remote File UPLOAD

Exploit for php platform in category web applications +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Web2bizz Pvt. Ltd. RFUPLOAD Date : 20-04-2012 Author : TeaM MosTa Version : /N/ Dork : "Powered ...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2008/03/03 12:0 a.m.19 views

netoffice-exec.txt

netOffice Dwins 1.3 Remote code execution. -------------------------------------------------------- Product: netOffice Dwins Version: 1.3 p2 Vendor: http://netofficedwins.sourceforge.net/ Date: 02/29/08 - Introduction "netOffice Dwins is a free web based time tracking, timesheet, and project...

7.4AI score
Exploits0
Rows per page
Query Builder