Lucene search
K

37 matches found

NVD
NVD
added 5 days ago6 views

CVE-2026-58143

Cotonti Siena 0.9.26 and earlier contains a cross-site request forgery vulnerability that allows unauthenticated attackers to modify administrator configuration by tricking a logged-in administrator into submitting a forged POST request to the admin.php config update handler, which never invokes...

8.8CVSS0.00175EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-58143

Cotonti Siena 0.9.26 and earlier contains a cross-site request forgery vulnerability that allows unauthenticated attackers to modify administrator configuration by tricking a logged-in administrator into submitting a forged POST request to the admin.php config update handler, which never invokes...

8.8CVSS6.1AI score0.00175EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 3:25 p.m.39 views

CVE-2026-48946 Joomla Extension - getk2.org - Privileged RCE vulnerability in K2 extension for Joomla < 2.26

The K2 frontend article-attachment upload path accepts files whose extension is .php, and Apache's standard modphp matches .php$ and executes them under the K2 web user. A K2 Author can upload a shell.php, then fetch /media/k2/attachments/shell.php and execute arbitrary PHP code in the web...

0.00167EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/11 5:16 p.m.14 views

CodeIgniter4 has a validation bypass when uploading file extensions via `ext_in` rule

Impact The extin upload validation rule checked the MIME-derived guessed extension instead of the client-provided filename extension. As a result, an uploaded file named shell.php containing GIF-like content could pass validation such as:...

6.1AI score0.00078EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2026/06/05 8:17 p.m.13 views

CVE-2026-46400

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 11.0.6 and prior to version 25.0.0, the file upload functionality in HAXCMS PHP only validates file extensions using a regex pattern without checking the actual file content or MIME type. This allows attacker...

8.7CVSS0.00387EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/06 6:34 p.m.20 views

EUVD-2026-27889

Vvveb before version 1.0.8.2 contains an authenticated remote code execution vulnerability in the admin code editor that allows low-privilege authenticated users to execute arbitrary code by exploiting insufficient file extension restrictions. Attackers with editor, author, contributor, or...

8.8CVSS6.6AI score0.00545EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.6 views

PT-2026-27364

PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...

8.8CVSS6.3AI score0.00896EPSS
Exploits1References5
CVE
CVE
added 2026/02/18 12:0 a.m.16 views

CVE-2025-70151

CVE-2025-70151 affects code-projects Scholars Tracking System 1.0. An authenticated attacker can achieve remote code execution via unrestricted file upload: the endpoints update_profile_picture.php and upload_picture.php store uploaded files in web-accessible uploads/ using the original filename ...

8.8CVSS6.8AI score0.00589EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/02/03 10:1 p.m.28 views

CVE-2020-37091 Maian Support Helpdesk 4.3 - Cross-Site Request Forgery (Add Admin)

Maian Support Helpdesk 4.3 contains a cross-site request forgery vulnerability that allows attackers to create administrative accounts without authentication. Attackers can craft malicious HTML forms to add admin users and upload PHP files with unrestricted file upload capabilities through the FA...

5.3CVSS0.0015EPSS
Exploits0References3
NVD
NVD
added 2026/01/16 1:16 p.m.9 views

CVE-2025-14894

Livewire Filemanager, commonly used in Laravel applications, contains LivewireFilemanagerComponent.php, which does not perform file type and MIME validation, allowing for RCE through upload of a malicious php file that can then be executed via the /storage/ URL if a commonly performed setup proce...

9.8CVSS0.00571EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/16 12:43 p.m.7 views

CVE-2025-14894

Livewire Filemanager, commonly used in Laravel applications, contains LivewireFilemanagerComponent.php, which does not perform file type and MIME validation, allowing for RCE through upload of a malicious php file that can then be executed via the /storage/ URL if a commonly performed setup proce...

9.8CVSS5.5AI score0.00571EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.9 views

Livewire Filemanager security vulnerabilities

Livewire Filemanager is an open-source file management software developed by Livewire. There is a security vulnerability in Livewire Filemanager, which stems from the lack of file type and MIME validation in the LivewireFilemanagerComponent.php file. This vulnerability may allow remote code...

9.8CVSS6.6AI score0.00571EPSS
Exploits0References4
CVE
CVE
added 2026/01/13 10:51 p.m.21 views

CVE-2022-50898

NanoCMS 0.4 is affected by an authenticated file upload vulnerability that enables remote code execution through the page content creation feature. The root cause is lack of input sanitization when uploading PHP files to the server’s pages directory, which can be exploited after authentication. R...

8.8CVSS8AI score0.01112EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 9:54 a.m.8 views

CVE-2020-10806

eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration permits only app.php...

9.8CVSS8.1AI score0.0232EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/16 5:3 p.m.7 views

EUVD-2023-60196

phpfm 1.7.9 contains an authentication bypass vulnerability that allows attackers to log in by exploiting loose type comparison in password hash validation. Attackers can craft specific password hashes beginning with 0e or 00e to bypass authentication and upload malicious PHP files to the server...

9.8CVSS6.9AI score0.00554EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/05 5:16 p.m.23 views

CVE-2020-36877 ReQuest Serious Play F3 Media Server <= 7.0.3 code execution

ReQuest Serious Play F3 Media Server 7.0.3 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands as the web server user. Attackers can upload PHP executable files via the Quick File Uploader page, resulting in remote code execution on...

9.3CVSS0.00628EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-27286

Malware in sbrugna...

8.8CVSS8.8AI score0.02425EPSS
Exploits0References3
NVD
NVD
added 2025/09/22 10:15 a.m.6 views

CVE-2025-10009

Incorrect handling of uploaded files in the admin "Restore" function in Invoice Ninja = 5.11.72 allows attackers with admin credentials to execute arbitrary code on the server via uploaded .php files...

8.6CVSS0.00469EPSS
Exploits0References1
OSV
OSV
added 2025/09/22 9:20 a.m.4 views

CVE-2025-10009 Authenticated admin RCE in Invoice Ninja

Incorrect handling of uploaded files in the admin "Restore" function in Invoice Ninja = 5.11.72 allows attackers with admin credentials to execute arbitrary code on the server via uploaded .php files...

8.6CVSS6.4AI score0.00469EPSS
Exploits0References4
OSV
OSV
added 2024/09/13 6:15 a.m.4 views

CVE-2024-7863

The Favicon Generator CLOSED WordPress plugin before 2.1 does not validate files to be uploaded and does not have CSRF checks, which could allow attackers to make logged in admin upload arbitrary files such as PHP on the server...

6.8CVSS5.9AI score0.00275EPSS
Exploits1References1
Rows per page
Query Builder