9 matches found

NVD
added 2026/05/08 7:16 a.m. | 6 views

CVE-2025-67887

1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privilege...

CVSS 9.8 | EPSS 0.00045
Exploits: 4 | References: 6
CNNVD
added 2026/02/03 12:0 a.m. | 3 views

Arox School ERP Pro Code Issue Vulnerability

Arox School ERP Pro is a one-stop automation management platform offered by Arox Corporation. Version 1.0 of Arox School ERP Pro has a code vulnerability. This vulnerability stems from improper file validation in the pre-editstudent.inc.php file. It allows authenticated administrator users to...

CVSS 8.6 | AI score 6.1 | EPSS 0.00598
Exploits: 1 | References: 6
EUVD
added 2025/11/24 9:31 p.m. | 2 views

EUVD-2025-198992

Ruijie NBR series routers contain an unauthenticated arbitrary file upload vulnerability via /ddi/server/fileupload.php. The endpoint accepts attacker-supplied values in the name and uploadDir parameters and saves the provided multipart file content without adequate validation or sanitization of...

CVSS 9.3 | AI score 7.7 | EPSS 0.00751
Exploits: 0 | References: 7
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2007-3757

Malware in sbrugna...

CVSS 9.3 | AI score 6.4 | EPSS 0.00836
Exploits: 0 | References: 5
Cvelist
added 2024/03/12 8:10 a.m. | 18 views

CVE-2024-25994 PHOENIX CONTACT: Unintended script file upload in CHARX Series

An unauthenticated remote attacker can upload an arbitrary script file due to improper input validation. The upload destination is fixed and is write-only...

CVSS 5.3 | AI score 5.8 | EPSS 0.00145
Exploits: 0 | References: 1
CNNVD
added 2021/10/29 12:0 a.m. | 1 views

Online Reviewer System Code Issue Vulnerability

Online Reviewer System is a software application. An online reviewer system. A security vulnerability exists in Sourcecodester Online Reviewer System version 2.0, which allows an attacker to bypass the image upload filter and upload a maliciously crafted PHP file...

CVSS 9.8 | AI score 8.4 | EPSS 0.00762
Exploits: 1 | References: 2
CNVD
added 2020/03/09 12:0 a.m. | 2 views

PHPGurukul Online Book Store Unauthenticated File Upload Vulnerability

PHPGurukul Online Book Store is a simple online web store made with PHP, MySQL and Bootstrap. An unauthenticated file upload vulnerability exists in adminadd.php in PHPGurukul Online Book Store 1.0. An unauthenticated remote attacker could use this vulnerability to upload content, including PHP...

CVSS 9.8 | AI score 7.5 | EPSS 0.13529
Exploits: 1 | References: 1
Prion
added 2018/06/29 5:29 p.m. | 10 views

Privilege escalation

An issue was discovered in HongCMS 3.0.0. There is an Arbitrary Script File Upload issue that can result in PHP code execution via the admin/index.php/template/upload URI...

CVSS 9 | AI score 7.3 | EPSS 0.01366
Exploits: 1 | References: 1 | Affected Software: 1
NVD
added 2018/06/29 5:29 p.m. | 8 views

CVE-2018-13021

An issue was discovered in HongCMS 3.0.0. There is an Arbitrary Script File Upload issue that can result in PHP code execution via the admin/index.php/template/upload URI...

CVSS 9 | AI score 7.3 | EPSS 0.01366
Exploits: 1 | References: 1