Lucene search
K

133 matches found

OSV
OSV
added 2025/10/28 2:2 a.m.6 views

CVE-2025-12347 MaxSite CMS save-file-ajax.php unrestricted upload

A flaw has been found in MaxSite CMS up to 109. This issue affects some unknown processing of the file application/maxsite/admin/plugins/editorfiles/save-file-ajax.php. Executing manipulation of the argument filepath/content can lead to unrestricted upload. The attack can be executed remotely. Th...

5.3CVSS5.5AI score0.0036EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/10/28 2:2 a.m.13 views

CVE-2025-12347 MaxSite CMS save-file-ajax.php unrestricted upload

A flaw has been found in MaxSite CMS up to 109. This issue affects some unknown processing of the file application/maxsite/admin/plugins/editorfiles/save-file-ajax.php. Executing manipulation of the argument filepath/content can lead to unrestricted upload. The attack can be executed remotely. Th...

6.5CVSS0.0036EPSS
Exploits1References4
CVE
CVE
added 2025/10/28 2:2 a.m.18 views

CVE-2025-12347

CVE-2025-12347 affects MaxSite CMS up to version 109. The vulnerability resides in the interactive handling of file_path/content in the file application/maxsite/admin/plugins/editor_files/save-file-ajax.php, where manipulation can lead to unrestricted file uploads. Exploitation can be performed r...

8.8CVSS6.2AI score0.0036EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/28 12:0 a.m.7 views

PT-2025-44083

Name of the Vulnerable Software and Affected Versions MaxSite CMS versions prior to 110 Description A flaw exists in MaxSite CMS that allows for unrestricted file uploads. This issue is related to the processing of the file path and content arguments within the file...

8.8CVSS6.3AI score0.0036EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/10/28 12:0 a.m.6 views

MaxSite CMS 代码问题漏洞

MaxSite CMS is a Russian open source web content management system from MaxSite CMS. A code issue vulnerability exists in MaxSite CMS version 109 and prior versions, which stems from incorrect manipulation of the parameters filepath or content in the file...

8.8CVSS6.5AI score0.0036EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-1999-1526

Malware in sbrugna...

2.1CVSS6.4AI score0.00323EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-3038

Malware in sbrugna...

4.2CVSS5.6AI score0.01809EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29266

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00313EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-54888

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.01117EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/17 10:45 p.m.5 views

CVE-2025-10480

A weakness has been identified in SourceCodester Online Student File Management System 1.0. This affects an unknown function of the file /savefile.php. Executing manipulation can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made available to the public an...

9.8CVSS6.8AI score0.00313EPSS
Exploits1References1
NVD
NVD
added 2025/09/15 10:15 p.m.15 views

CVE-2025-10480

A weakness has been identified in SourceCodester Online Student File Management System 1.0. This affects an unknown function of the file /savefile.php. Executing manipulation can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made available to the public an...

9.8CVSS0.00313EPSS
Exploits1References5
OSV
OSV
added 2025/09/15 10:15 p.m.4 views

CVE-2025-10480

A weakness has been identified in SourceCodester Online Student File Management System 1.0. This affects an unknown function of the file /savefile.php. Executing manipulation can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made available to the public an...

9.8CVSS5.6AI score0.00313EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/09/15 9:32 p.m.12 views

CVE-2025-10480 SourceCodester Online Student File Management System save_file.php unrestricted upload

A weakness has been identified in SourceCodester Online Student File Management System 1.0. This affects an unknown function of the file /savefile.php. Executing manipulation can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made available to the public an...

6.5CVSS0.00313EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/09/15 12:0 a.m.7 views

PT-2025-37765

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student File Management System version 1.0 Description: A weakness exists in SourceCodester Online Student File Management System 1.0 related to unrestricted file upload through manipulation of the /save file.php file an...

6.5CVSS6.3AI score0.00313EPSS
Exploits1References8
CNNVD
CNNVD
added 2025/09/15 12:0 a.m.4 views

SourceCodester Online Student File Management 代码问题漏洞

SourceCodester Online Student File Management is a SourceCodester open source online student file management system. A code issue vulnerability exists in SourceCodester Online Student File Management version 1.0, which stems from an unrestricted upload function in file/savefile.php, which could...

9.8CVSS6.8AI score0.00313EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/09/02 10:35 p.m.4 views

CVE-2025-9748

A vulnerability was determined in Tenda CH22 1.0.0.1. Affected by this issue is the function fromIpsecitem of the file /goform/IPSECsave of the component httpd. Executing manipulation of the argument ipsecno can lead to stack-based buffer overflow. The attack may be performed from remote...

9.8CVSS7.3AI score0.00761EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-24291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux - A crafted save file can cause a buffer overrun in Simon Tatham's Portable Puzzle Collection CVE-2023-24291 Note that Nessus relies on the presenc...

5.9AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-24286

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux - A crafted save file can cause a buffer overrun in the Mosaic puzzle CVE-2023-24286 Note that Nessus relies on the presence of the package as...

5.9AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/21 12:26 a.m.15 views

CVE-2024-44373

A Path Traversal vulnerability in AllSky v2023.05.01 through v2024.12.0606 allows an unauthenticated attacker to create a webshell and remote code execution via the path, content parameter to /includes/savefile.php...

9.8CVSS8.2AI score0.01117EPSS
Exploits0References1
NVD
NVD
added 2025/08/19 7:15 p.m.7 views

CVE-2024-44373

A Path Traversal vulnerability in AllSky v2023.05.01 through v2024.12.0606 allows an unauthenticated attacker to create a webshell and remote code execution via the path, content parameter to /includes/savefile.php...

9.8CVSS0.01117EPSS
Exploits0References4
Rows per page
Query Builder