Lucene search
K

240 matches found

Cvelist
Cvelist
added 2026/04/07 9:8 p.m.20 views

CVE-2026-34371 LibreChat Affected by Arbitrary File Write via `execute_code` Artifact Filename Traversal

LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the executecode sandbox when persisting code-generated artifacts. On deployments using the default local file strategy, a malicious artifact filename containing traversal sequences f...

6.3CVSS0.00258EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:9 p.m.4 views

CVE-2026-27895

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. Prior to version 9.5, the PDF export component does not correctly validate uploaded file extensions. This way any file type including .php files can be uploaded. With...

8.8CVSS6.5AI score0.00419EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:9 p.m.5 views

CVE-2026-33319

WWBN AVideo is an open source video platform. Prior to version 26.0, the uploadVideoToLinkedIn method in the SocialMediaPublisher plugin constructs a shell command by directly interpolating an upload URL received from LinkedIn's API response, without sanitization via escapeshellarg. If an attacke...

7.5CVSS6AI score0.00323EPSS
Exploits1References1
NVD
NVD
added 2026/03/22 5:17 p.m.5 views

CVE-2026-33319

WWBN AVideo is an open source video platform. Prior to version 26.0, the uploadVideoToLinkedIn method in the SocialMediaPublisher plugin constructs a shell command by directly interpolating an upload URL received from LinkedIn's API response, without sanitization via escapeshellarg. If an attacke...

7.5CVSS0.00323EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/22 4:29 p.m.8 views

CVE-2026-33319

WWBN AVideo is an open source video platform. Prior to version 26.0, the uploadVideoToLinkedIn method in the SocialMediaPublisher plugin constructs a shell command by directly interpolating an upload URL received from LinkedIn's API response, without sanitization via escapeshellarg. If an attacke...

5.9CVSS6AI score0.00323EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/03/18 12:16 a.m.7 views

UBUNTU-CVE-2026-27895

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. Prior to version 9.5, the PDF export component does not correctly validate uploaded file extensions. This way any file type including .php files can be uploaded. With...

8.8CVSS6.4AI score0.00419EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/17 11:51 p.m.29 views

CVE-2026-27895 LAM has incorrect regular expression in PDF export component that allows user to upload files of any type

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. Prior to version 9.5, the PDF export component does not correctly validate uploaded file extensions. This way any file type including .php files can be uploaded. With...

4.3CVSS0.00419EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/03/17 11:51 p.m.6 views

CVE-2026-27895

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. Prior to version 9.5, the PDF export component does not correctly validate uploaded file extensions. This way any file type including .php files can be uploaded. With...

8.8CVSS6.4AI score0.00419EPSS
Exploits0
Metasploit
Metasploit
added 2026/03/13 6:57 p.m.249 views

FreePBX filestore authenticated command injection

This module exploits an authenticated command injection vulnerability CVE-2025-64328 in the FreePBX filestore module. The filestore module allows administrators to configure remote file storage backends SSH, FTP, etc. for backup and file management purposes. The vulnerability exists in the SSH...

8.6CVSS6.1AI score0.84618EPSS
Exploits4
Vulnrichment
Vulnrichment
added 2026/02/18 12:0 a.m.6 views

CVE-2025-70151

code-projects Scholars Tracking System 1.0 allows an authenticated attacker to achieve remote code execution via unrestricted file upload. The endpoints updateprofilepicture.php and uploadpicture.php store uploaded files in a web-accessible uploads/ directory using the original, user-supplied...

6.8AI score0.00589EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2026/02/17 12:0 a.m.250 views

📄 Pterodactyl Panel Remote Code Execution

This Metasploit module exploits a remote code execution vulnerability in Pterodactyl Panel versions before 1.11.11. The vulnerability allows an attacker to write a malicious PHP file via the locale functionality and then execute it to gain a reverse shell...

10CVSS6.5AI score0.13105EPSS
Exploits28
EUVD
EUVD
added 2025/12/31 12:31 a.m.7 views

EUVD-2022-55933

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains an authenticated command injection vulnerability in the www-data-handler.php script that allows attackers to inject system commands through the 'services' POST parameter. Attackers can exploit this vulnerability by crafting malicious 'services' paramete...

8.8CVSS7.6AI score0.02789EPSS
Exploits2References6
NVD
NVD
added 2025/12/30 11:15 p.m.7 views

CVE-2022-50793

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains an authenticated command injection vulnerability in the www-data-handler.php script that allows attackers to inject system commands through the 'services' POST parameter. Attackers can exploit this vulnerability by crafting malicious 'services' paramete...

8.8CVSS0.02789EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.8 views

PT-2025-54241

Name of the Vulnerable Software and Affected Versions SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and earlier Description The software contains an authenticated command injection issue in the www-data-handler.php script. Attackers can inject system commands through the services POST parameter...

8.8CVSS7.8AI score0.02789EPSS
Exploits2References8
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.10 views

PT-2025-54244

Name of the Vulnerable Software and Affected Versions SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and earlier Description The software contains an unauthenticated remote code execution issue due to a path traversal flaw in the firmware upload functionality. The upload.cgi script allows attackers t...

9.3CVSS8.1AI score0.01442EPSS
Exploits2References7
NVD
NVD
added 2025/12/19 4:15 p.m.6 views

CVE-2025-34433

AVideo versions 14.3.1 prior to 20.1 contain an unauthenticated remote code execution vulnerability caused by predictable generation of an installation salt using PHP uniqid. The installation timestamp is exposed via a public endpoint, and a derived hash identifier is accessible through...

9.3CVSS0.01457EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2025/12/05 5:16 p.m.2 views

CVE-2020-36877 ReQuest Serious Play F3 Media Server <= 7.0.3 code execution

ReQuest Serious Play F3 Media Server 7.0.3 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands as the web server user. Attackers can upload PHP executable files via the Quick File Uploader page, resulting in remote code execution on...

9.3CVSS8.7AI score0.00628EPSS
Exploits1References4
CVE
CVE
added 2025/12/05 5:16 p.m.10 views

CVE-2020-36877

CVE-2020-36877 affects ReQuest Serious Play F3 Media Server 7.0.3, with an unauthenticated remote code execution vulnerability. An attacker can upload PHP executables via the Quick File Uploader page (/tools/upload.html), resulting in code execution as the web server user. The vulnerability descr...

9.3CVSS8.7AI score0.00628EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.3 views

PT-2025-49271

ReQuest Serious Play F3 Media Server 7.0.3 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands as the web server user. Attackers can upload PHP executable files via the Quick File Uploader page, resulting in remote code execution on...

9.3CVSS9.1AI score0.00628EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/11/27 12:58 a.m.15 views

CVE-2025-66253

Unauthenticated OS Command Injection startupgrade.php in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform User input passed directly to exec allows remote code execution via...

9.9CVSS8.6AI score0.02089EPSS
Exploits1References1
Rows per page
Query Builder