7 matches found

RedhatCVE
added 2026/01/09 10:11 a.m. | 6 views

CVE-2019-11447

An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload process in the profile area via the avatarfile field to index.php?mod=main&opt=personal. There is no effective control of $imgsize in /core/modules/dashboard.php. The header content of a...

8.8 CVSS | 7.2 AI score | 0.52901 EPSS
Exploits 10 | References 1
NVD
added 2019/04/22 11:29 a.m. | 26 views

CVE-2019-11447

An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload process in the profile area via the avatarfile field to index.php?mod=main&opt=personal. There is no effective control of $imgsize in /core/modules/dashboard.php. The header content ...

8.8 CVSS | 8.8 AI score | 0.52901 EPSS
Exploits 10 | References 3
Prion
added 2019/04/22 11:29 a.m. | 24 views

Design/Logic Flaw

An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload process in the profile area via the avatarfile field to index.php?mod=main&opt=personal. There is no effective control of $imgsize in /core/modules/dashboard.php. The header content ...

6.5 CVSS | 8.8 AI score | 0.52901 EPSS
Exploits 10 | References 3 | Affected Software 1
Cvelist
added 2019/04/22 4:1 a.m. | 27 views

CVE-2019-11447

An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload process in the profile area via the avatarfile field to index.php?mod=main&opt=personal. There is no effective control of $imgsize in /core/modules/dashboard.php. The header content ...

8.9 AI score | 0.52901 EPSS
Exploits 10 | References 3
CVE
added 2019/04/22 4:1 a.m. | 314 views

CVE-2019-11447

CVE-2019-11447 affects CuteNews 2.1.2 (CutePHP CuteNews). The vulnerability allows remote code execution via the avatar upload process: an attacker can place a crafted file in avatar_file for index.php?mod=main&opt=personal, exploiting insufficient validation of image size ($imgsize) in /core/mod...

8.8 CVSS | 8.7 AI score | 0.52901 EPSS
In wild | Exploits 10 | References 3 | Affected Software 1
ATTACKERKB
added 2019/04/22 12:0 a.m. | 333 views

CVE-2019-11447

An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload process in the profile area via the avatarfile field to index.php?mod=main&opt=personal. There is no effective control of $imgsize in /core/modules/dashboard.php. The header content ...

8.8 CVSS | 8.7 AI score | 0.52901 EPSS
In wild | Exploits 10 | References 5
ThreatPost
added 2018/10/04 4:10 p.m. | 16 views

Apple, Amazon Strongly Refute Server Infiltration Report

Apple and Amazon are strongly refuting a report claiming that Chinese spies infiltrated third-party motherboards used on servers by U.S. companies. If true, the incident would be the largest supply chain attack to have been launched against American corporations, say experts. According to a...

7.1 AI score
Exploits 0 | References 6