Lucene search
K

29 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.4 views

CVE-2026-4201

A weakness has been identified in glowxq glowxq-oj up to 6f7c723090472057252040fd2bbbdaa1b5ed2393. This vulnerability affects the function Upload of the file business/business-system/src/main/java/com/glowxq/system/admin/controller/SysFileController.java. Executing a manipulation can lead to...

7.5CVSS6.7AI score0.00278EPSS
Exploits0References1
NVD
NVD
added 2026/02/16 10:16 a.m.6 views

CVE-2026-2550

A vulnerability was found in EFM iptime A6004MX 14.18.2. Affected is the function commitvpnclifileupload of the file /cgi/timepro.cgi. The manipulation results in unrestricted upload. The attack may be performed from remote. The exploit has been made public and could be used. The vendor was...

10CVSS0.0063EPSS
Exploits0References4
NVD
NVD
added 2026/01/13 11:15 p.m.4 views

CVE-2022-50939

e107 CMS version 3.2.1 contains a critical file upload vulnerability that allows authenticated administrators to override arbitrary server files through path traversal. The vulnerability exists in the Media Manager's remote URL upload functionality image.php where the uploadcaption parameter is n...

8.6CVSS0.01087EPSS
Exploits1References4
CVE
CVE
added 2025/12/12 10:2 p.m.11 views

CVE-2025-14582

CVE-2025-14582 affects CampCodes Online Student Enrollment System v1.0. The vulnerability resides in the file /admin/index.php?page=user-profile, where manipulating the userphoto argument enables unrestricted file upload. Exploitation can be performed remotely and public exploits exist. Multiple ...

7.2CVSS4.9AI score0.00338EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2025/11/19 9:15 p.m.5 views

CVE-2025-13411

A vulnerability was found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/adminfootball.php. Performing a manipulation of the argument productimage results in unrestricted upload. The attack is possible to be...

9.8CVSS5.5AI score0.00311EPSS
Exploits1References5
CVE
CVE
added 2025/10/08 10:2 a.m.16 views

CVE-2025-11470

CVE-2025-11470 affects SourceCodester Hotel and Lodge Management System up to version 1.0. The vulnerability is in an unknown function of the file /manage_website.php , where manipulation of the argument website_image/back_login_image leads to an unrestricted file upload . It is possible to explo...

7.2CVSS6.5AI score0.00426EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-4126

Malware in sbrugna...

9.8CVSS8.1AI score0.0155EPSS
Exploits0References4
CVE
CVE
added 2025/08/25 7:2 p.m.15 views

CVE-2025-9415

GreenCMS ≤ 2.3.0603 contains an unrestricted file upload vulnerability in index.php?m=admin&c=media&a=fileconnect via manipulation of the upload[] parameter. The issue allows remote exploitation and is linked to publicly available exploits. It affects products no longer maintained. Remediation: u...

9.8CVSS7.1AI score0.00316EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/08/25 3:32 a.m.10 views

CVE-2025-9406 xuhuisheng lemon CmsArticleController.java uploadImage unrestricted upload

A weakness has been identified in xuhuisheng lemon up to 1.13.0. This affects the function uploadImage of the file CmsArticleController.java of the component com.mossle.cms.web.CmsArticleController.uploadImage. This manipulation of the argument Upload causes unrestricted upload. The attack can be...

6.5CVSS0.0034EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.6 views

PT-2025-34036 · Emlog Pro · Emlog Pro

Name of the Vulnerable Software and Affected Versions: Emlog Pro versions through 2.5.18 Description: A weakness has been identified that allows for unrestricted file upload. This issue affects the processing of the file /admin/media.php?action=upload&sid=0. Manipulation of the File argument can...

6.5CVSS6.2AI score0.00066EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/08/13 10:33 a.m.16 views

CVE-2025-8841

A vulnerability was identified in zlt2000 microservices-platform up to 6.0.0. Affected by this vulnerability is the function Upload of the file zlt-business/file-center/src/main/java/com/central/file/controller/FileController.java. The manipulation leads to unrestricted upload. The attack can be...

6.5CVSS7.2AI score0.00275EPSS
Exploits1References1
OSV
OSV
added 2024/04/13 2:15 p.m.6 views

CVE-2024-3736

A vulnerability was found in cym1102 nginxWebUI up to 3.9.9. It has been declared as problematic. Affected by this vulnerability is the function upload of the file /adminPage/main/upload. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been...

7.5CVSS7.2AI score
Exploits0References4
OSV
OSV
added 2023/12/22 4:15 p.m.6 views

CVE-2023-42017

IBM Planning Analytics Local 2.0 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious script, which could allow the...

9.8CVSS6.2AI score0.01073EPSS
Exploits0References2
OSV
OSV
added 2020/09/24 4:15 p.m.3 views

CVE-2020-12840

ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php...

6.5CVSS6.7AI score0.00494EPSS
Exploits1References2
ICS
ICS
added 2019/01/29 12:0 a.m.170 views

Yokogawa License Manager Service

1. EXECUTIVE SUMMARY CVSS v8.1 ATTENTION : Exploitable remotely Vendor : Yokogawa Equipment : License Manager Service Vulnerability : Unrestricted Upload of Files with Dangerous Type 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to remotely upload files,...

10CVSS9.8AI score0.05405EPSS
Exploits0References5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

GarageSales Remote Upload Vulnerability

No description provided by source. Exploit Title: GarageSales Remote Upload Vulnerability Date: 06/04/2010 Author: saidinh0 Software Link: N/A Version: 2004/2008 Tested on: Linux/unix CVE : if exists Code : N/A Email : [email protected] | Intorduction :| Hi everybody , This my first bug Remote Uplo...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2013/10/16 10:0 a.m.29 views

CVE-2013-5539

The upload-dialog implementation in Cisco Identity Services Engine ISE allows remote authenticated users to upload files with an arbitrary file type, and consequently conduct attacks against unspecified other systems, via a crafted file, aka Bug ID CSCui67511...

6.5AI score0.00956EPSS
Exploits0References1
0day.today
0day.today
added 2012/04/10 12:0 a.m.379 views

Simple Help Desk Remote Upload Vulnerability

Exploit for php platform in category web applications Author : L3b-r1'z Title : Simple Help Desk Remote Upload Vulnerability Email : email protected Site : Sec4Leb.Com Download : http://simplehelpdesk.com/helpdeskfinal.zip Dork : allintitle: "Help Desk - Log In" Upload Vuln + P0c : First Register...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/12/07 12:0 a.m.49 views

SOOP Portal Raven 1.0b - Arbitrary File Upload

Exploit Title: SOOP Portal Raven 1.0b Remote Upload Shell Vulnerability Google Dork: "Powered by SOOP Portal Raven 1.0b" Date: 06-12-2010 Author: Sun Army Version: Raven 1.0b Tested on: Win 2003 Exploit 1.Register On Site 2.Shell Renamed to .asp.jpg shell.asp.jpg 3.Go This Page --...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2010/12/05 12:0 a.m.54 views

SOOP Portal 2.0 Shell Upload

I N F O Exploit Title: SOOP Portal 2.0 Remote Upload Shell Vulnerability DDate: 05-12-2010 Author: Net.Edit0r Software Link: www.soopportal.com Version: 2.0 Tested on: windows server 2008 Contact: [email protected] [email protected] E X P L O I T 1. Register On Site 2...

7.4AI score
Exploits0
Rows per page
Query Builder