Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

Vulnrichment
Vulnrichmentadded 2026/05/06 6:42 p.m.9 views

CVE-2026-41938 Vvveb < 1.0.8.2 RCE via Media Upload Handler

Vvveb before version 1.0.8.2 contains an unrestricted file upload vulnerability in the media upload handler that allows authenticated users with media-upload permissions to bypass extension restrictions by uploading a .htaccess file to map .phtml extensions to the PHP handler. Attackers can uploa...

8.8CVSS6.6AI score0.00541EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-31015

Malicious code in bioql PyPI...

7.2CVSS7AI score0.00951EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 3:31 a.m.7 views

CVE-2023-27235

An arbitrary file upload vulnerability in the \admin\c\CommonController.php component of Jizhicms v2.4.5 allows attackers to execute arbitrary code via a crafted phtml file...

7.2CVSS7.8AI score0.00951EPSS
Exploits1References1
OSV
OSVadded 2024/01/31 3:15 a.m.1 views

CVE-2023-31505

An arbitrary file upload vulnerability in Schlix CMS v2.2.8-1, allows remote authenticated attackers to execute arbitrary code and obtain sensitive information via a crafted .phtml file...

7.2CVSS6.1AI score0.01158EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/01/31 12:0 a.m.12 views

CVE-2023-31505

An arbitrary file upload vulnerability in Schlix CMS v2.2.8-1, allows remote authenticated attackers to execute arbitrary code and obtain sensitive information via a crafted .phtml file...

7.2AI score0.01158EPSS
Exploits1References1
NVD
NVDadded 2023/03/15 5:15 a.m.13 views

CVE-2023-27235

An arbitrary file upload vulnerability in the \admin\c\CommonController.php component of Jizhicms v2.4.5 allows attackers to execute arbitrary code via a crafted phtml file...

7.2CVSS7.2AI score0.00951EPSS
Exploits1References1
Cvelist
Cvelistadded 2023/03/15 12:0 a.m.20 views

CVE-2023-27235

An arbitrary file upload vulnerability in the \admin\c\CommonController.php component of Jizhicms v2.4.5 allows attackers to execute arbitrary code via a crafted phtml file...

7.4AI score0.00951EPSS
Exploits1References1
CNNVD
CNNVDadded 2023/03/15 12:0 a.m.5 views

JIZHICMS 代码问题漏洞

Extreme Networks Technology JIZHICMS Extreme CMS is an open source content management system CMS from China's Extreme Networks Technology. A security vulnerability exists in JIZHICMS version v2.4.5, which originates from the admincCommonController.php component that allows an attacker to execute...

7.2CVSS7.5AI score0.00951EPSS
Exploits1References2
BDU FSTEC
BDU FSTECadded 2019/06/14 12:0 a.m.3 views

The vulnerability in the “One Portal for Housing Fund Monitoring” platform, related to insufficient verification of the types of uploaded files, allows a perpetrator to execute arbitrary codes.

The vulnerability in the “One Portal for Housing Fund Monitoring” platform is related to insufficient verification of the types of files being uploaded. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code by uploading a specially crafted php file with the extensi...

9CVSS6AI score
Exploits0
Prion
Prionadded 2017/07/28 5:29 a.m.15 views

Code injection

job/uploadfilesave.php in MetInfo through 5.3.17 blocks the .php extension but not related extensions, which might allow remote authenticated admins to execute arbitrary PHP code by uploading a .phtml file after certain actions involving admin/system/safe.php and job/cv.php...

6.5CVSS9.4AI score0.01492EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder