Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 2026/05/31 12:0 a.m.13 views

PT-2026-45176

A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php of the component Component Module. The manipulation of the argument module results in unrestricte...

6.5CVSS5.5AI score0.00206EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/03/28 4:0 p.m.2 views

CVE-2026-5001 PromtEngineer localGPT server.py do_POST unrestricted upload

A flaw has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The affected element is the function doPOST of the file backend/server.py. This manipulation causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has been publishe...

7.5CVSS5.5AI score0.00294EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/16 3:30 p.m.4 views

EUVD-2026-12253

A flaw has been found in JawherKl node-api-postgres up to 2.5. Affected is the function path.extname of the file index.js of the component Profile Picture Handler. This manipulation causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has been published and m...

7.5CVSS5.3AI score0.00348EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/02/09 7:23 p.m.6 views

CVE-2026-2146

A security flaw has been discovered in guchengwuyue yshopmall up to 1.9.1. This affects the function updateAvatar of the file /api/users/updateAvatar of the component co.yixiang.utils.FileUtil. Performing a manipulation of the argument File results in unrestricted upload. The attack is possible t...

8.8CVSS5.1AI score0.00298EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/23 2:45 a.m.6 views

CVE-2025-15009

A flaw has been found in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function FilenameUtils.getExtension of the file /dev-api/common/upload of the component Filename Handler. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launche...

8.8CVSS6.5AI score0.00293EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/12/12 10:2 p.m.3 views

CVE-2025-14583 campcodes Online Student Enrollment System register.php unrestricted upload

A flaw has been found in campcodes Online Student Enrollment System 1.0. This impacts an unknown function of the file /admin/register.php. Executing a manipulation of the argument photo can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published and may be...

7.5CVSS7AI score0.00421EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2025/07/24 12:0 a.m.12 views

Emby Server <= 4.8 Multiple Vulnerabilities

Emby Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:emby:emby.releases"; if...

8.8CVSS5.4AI score0.0032EPSS
Exploits0References2
OSV
OSV
added 2023/03/10 5:15 p.m.3 views

CVE-2023-1328

A vulnerability was found in Guizhou 115cms 4.2. It has been classified as problematic. Affected is an unknown function of the file /admin/content/index. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m...

7.2CVSS5.1AI score
Exploits0References3
Rows per page
Query Builder