Lucene search
K

4 matches found

NVD
NVD
added 2026/05/08 4:16 a.m.19 views

CVE-2026-8133

A security vulnerability has been detected in zyx0814 FilePress up to 2.2.0. Affected by this vulnerability is an unknown functionality of the file dzz/shares/admin.php of the component Shares Filelist API. Such manipulation of the argument order leads to sql injection. The attack can be launched...

7.5CVSS0.00272EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/05/08 3:30 a.m.8 views

CVE-2026-8133 zyx0814 FilePress Shares Filelist API admin.php sql injection

A security vulnerability has been detected in zyx0814 FilePress up to 2.2.0. Affected by this vulnerability is an unknown functionality of the file dzz/shares/admin.php of the component Shares Filelist API. Such manipulation of the argument order leads to sql injection. The attack can be launched...

7.5CVSS6.7AI score0.00272EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.10 views

FilePress 注入漏洞

FilePress is a file-driven website building system developed by zyx0814. It supports cloud storage management and multi-mode file display. Versions of FilePress 2.2.0 and earlier had an injection vulnerability. This vulnerability stemmed from improper handling of the order parameter in the Shares...

7.5CVSS7.2AI score0.00272EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.18 views

PT-2026-38656

Name of the Vulnerable Software and Affected Versions zyx0814 FilePress versions prior to 2.2.1 Description An issue exists in the Shares Filelist API within the file 'dzz/shares/admin.php'. Manipulation of the argument order allows a remote attacker to perform SQL injection, which is a technique...

7.5CVSS7.3AI score0.00272EPSS
Exploits0References12
Rows per page
Query Builder