
2595 matches found

SUSE CVE
added 2023/02/15 6:18 a.m. · 3 views

SUSE CVE-2005-1524

PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter...

5 CVSS · 7.9 AI score · 0.1587 EPSS
Exploits 0 · References 3
SUSE CVE
added 2023/02/15 5:48 a.m. · 2 views

SUSE CVE-2012-1172

The file-upload implementation in rfc1867.c in PHP before 5.4.0 does not properly handle invalid open square bracket characters in name values, which makes it easier for remote attackers to cause a denial of service (malformed $_FILES indexes) or conduct directory traversal attacks during multi-file...

5.8 CVSS · 6.9 AI score · 0.06365 EPSS
Exploits 2 · References 7
SUSE CVE
added 2023/02/15 5:30 a.m. · 4 views

SUSE CVE-2014-1691

The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form...

7.5 CVSS · 7.7 AI score · 0.42895 EPSS
Exploits 7 · References 3
Vulnrichment
added 2023/02/13 12:0 a.m. · 7 views

CVE-2023-24646

An arbitrary file upload vulnerability in the component /fos/admin/ajax.php of Food Ordering System v2.0 allows attackers to execute arbitrary code via a crafted PHP file...

9.6 AI score · 0.01071 EPSS
Exploits 1 · References 1
NVD
added 2023/02/11 6:15 p.m. · 14 views

CVE-2023-0783

A vulnerability was found in EcShop 4.1.5. It has been classified as critical. This affects an unknown part of the file /ecshop/admin/template.php of the component PHP File Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...

9.8 CVSS · 6 AI score · 0.00875 EPSS
Exploits 1 · References 3
Prion
added 2023/02/11 6:15 p.m. · 20 views

Design/Logic Flaw

A vulnerability was found in EcShop 4.1.5. It has been classified as critical. This affects an unknown part of the file /ecshop/admin/template.php of the component PHP File Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...

5.8 CVSS · 9.5 AI score · 0.00875 EPSS
Exploits 1 · References 3 · Affected Software 1
Cvelist
added 2023/02/11 5:4 p.m. · 15 views

CVE-2023-0783 EcShop PHP File template.php unrestricted upload

A vulnerability was found in EcShop 4.1.5. It has been classified as critical. This affects an unknown part of the file /ecshop/admin/template.php of the component PHP File Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...

5.8 CVSS · 9.8 AI score · 0.00875 EPSS
Exploits 1 · References 3
CVE
added 2023/02/11 5:4 p.m. · 61 views

CVE-2023-0783

Summary (CVE-2023-0783): EcShop 4.1.5 is affected by a vulnerability in the PHP File Handler, specifically the /ecshop/admin/template.php file, enabling unrestricted upload. Remote initiation is possible; the vulnerability is publicly disclosed (VDB-220641) and reported across multiple feeds (NVD...

9.8 CVSS · 7.2 AI score · 0.00875 EPSS
Exploits 1 · References 3 · Affected Software 1
Positive Technologies
added 2023/02/11 12:0 a.m. · 6 views

PT-2023-16524 · Ecshop · Ecshop

Name of the Vulnerable Software and Affected Versions: EcShop version 4.1.5 Description: A critical issue affects the PHP File Handler component, specifically the /ecshop/admin/template.php file, leading to unrestricted upload. The attack can be initiated remotely. Recommendations: For EcShop...

9.8 CVSS · 5.3 AI score · 0.00875 EPSS
Exploits 1 · References 8
NVD
added 2023/02/02 9:22 p.m. · 21 views

CVE-2022-48079

Monnai aaPanel host system v1.5 contains an access control issue which allows attackers to escalate privileges and execute arbitrary code via uploading a crafted PHP file to the virtual host directory of the system...

9.8 CVSS · 9.8 AI score · 0.01377 EPSS
Exploits 1 · References 3
Prion
added 2023/02/02 9:22 p.m. · 12 views

Improper access control

Monnai aaPanel host system v1.5 contains an access control issue which allows attackers to escalate privileges and execute arbitrary code via uploading a crafted PHP file to the virtual host directory of the system...

7.5 CVSS · 9.8 AI score · 0.01377 EPSS
Exploits 1 · References 2 · Affected Software 1
NVD
added 2023/02/02 1:15 p.m. · 47 views

CVE-2022-46604

An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution...

8.8 CVSS · 8.9 AI score · 0.08627 EPSS
Exploits 5 · References 4
Cvelist
added 2023/02/02 12:0 a.m. · 21 views

CVE-2022-48079

Monnai aaPanel host system v1.5 contains an access control issue which allows attackers to escalate privileges and execute arbitrary code via uploading a crafted PHP file to the virtual host directory of the system...

10 AI score · 0.01377 EPSS
Exploits 1 · References 2
Positive Technologies
added 2023/02/02 12:0 a.m. · 5 views

PT-2023-15565 · Monnai · Aapanel

Name of the Vulnerable Software and Affected Versions: Monnai aaPanel host system version 1.5 Description: The issue allows attackers to escalate privileges and execute arbitrary code via uploading a crafted PHP file to the virtual host directory of the system. This is due to an access control...

9.8 CVSS · 9.7 AI score · 0.01377 EPSS
Exploits 1 · References 6
Vulnrichment
added 2023/02/02 12:0 a.m. · 3 views

CVE-2022-48079

Monnai aaPanel host system v1.5 contains an access control issue which allows attackers to escalate privileges and execute arbitrary code via uploading a crafted PHP file to the virtual host directory of the system...

9.8 AI score · 0.01377 EPSS
Exploits 1 · References 2
CVE
added 2023/02/02 12:0 a.m. · 47 views

CVE-2022-48079

CVE-2022-48079 affects the Monnai aaPanel host system v1.5. The root cause is an access control issue that allows attackers to escalate privileges and execute arbitrary code by uploading a crafted PHP file to the system’s virtual host directory. The provided connected documents do not specify a p...

9.8 CVSS · 9.7 AI score · 0.01377 EPSS
Exploits 1 · References 3 · Affected Software 1
NVD
added 2023/01/30 10:15 p.m. · 18 views

CVE-2022-48006

An arbitrary file upload vulnerability in taocms v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is exploited via manipulation of the upext variable at /include/Model/Upload.php...

9.8 CVSS · 9.6 AI score · 0.00935 EPSS
Exploits 1 · References 1
OSV
added 2023/01/30 10:15 p.m. · 14 views

CVE-2022-48006

An arbitrary file upload vulnerability in taocms v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is exploited via manipulation of the upext variable at /include/Model/Upload.php...

9.8 CVSS · 9.6 AI score
Exploits 0 · References 1
Cvelist
added 2023/01/30 12:0 a.m. · 24 views

CVE-2022-48006

An arbitrary file upload vulnerability in taocms v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is exploited via manipulation of the upext variable at /include/Model/Upload.php...

9.8 AI score · 0.00935 EPSS
Exploits 1 · References 1
Vulnrichment
added 2023/01/30 12:0 a.m. · 10 views

CVE-2022-48006

An arbitrary file upload vulnerability in taocms v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is exploited via manipulation of the upext variable at /include/Model/Upload.php...

9.8 AI score · 0.00935 EPSS
Exploits 1 · References 1