Lucene search
K

52 matches found

Positive Technologies
Positive Technologies
added 2024/10/20 12:0 a.m.6 views

PT-2024-33566 · Unknown · Paxman Product Website Showcase

Name of the Vulnerable Software and Affected Versions: Paxman Product Website Showcase versions n/a through 1.0 Description: The issue allows an unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can potentially allow attackers to deploy...

10CVSS7.3AI score0.0053EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/10/20 12:0 a.m.13 views

PT-2024-33470 · Vivek Tamrakar · Wp Rest Api Fns

Name of the Vulnerable Software and Affected Versions: Vivek Tamrakar WP REST API FNS versions 1.0.0 and earlier Description: The issue allows attackers to upload harmful content, including web shells, to a web server due to an Unrestricted Upload of File with Dangerous Type vulnerability. This c...

10CVSS7.2AI score0.00501EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2024/10/17 12:0 a.m.5 views

PT-2024-33454 · Unknown · Jiangqie Free Mini Program

Name of the Vulnerable Software and Affected Versions: JiangQie Free Mini Program versions n/a through 2.5.2 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to significant security...

10CVSS7.1AI score0.00501EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/10/16 12:0 a.m.6 views

PT-2024-32953 · WordPress · Acf Images Search/Insert

Name of the Vulnerable Software and Affected Versions: ACF Images Search And Insert versions 1.1.4 and earlier Description: The issue affects the ACF Images Search And Insert plugin, allowing unrestricted upload of files with dangerous types, such as a web shell, to a web server. This could...

9.9CVSS6.9AI score0.00482EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/10/16 12:0 a.m.7 views

PT-2024-33352 · Unknown · Feed Comments Number

Name of the Vulnerable Software and Affected Versions: Feed Comments Number versions 0.2.1 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited by uploading malicious files,...

10CVSS7AI score0.00496EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/08/16 12:0 a.m.7 views

PT-2024-20697 · Ericsson · Ericsson Ran Compute/Site Controller 6610

Name of the Vulnerable Software and Affected Versions: Ericsson RAN Compute and Site Controller 6610 versions prior to 24.Q2 Description: The issue is related to improper input validation in the Control System, which can lead to arbitrary code execution. For example, it can be used to obtain a...

6.8CVSS7.7AI score0.0029EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.5 views

PT-2024-27541 · Automattic · Newspack Blocks

Name of the Vulnerable Software and Affected Versions: Automattic Newspack Blocks versions 3.0.8 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. Recommendations: For versions 3.0.8 and...

9.9CVSS7.4AI score0.00492EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/04/24 12:0 a.m.6 views

PT-2024-12261 · Elementor · Unlimited Elements For Elementor

Name of the Vulnerable Software and Affected Versions: Unlimited Elements For Elementor Free Widgets, Addons, Templates versions 1.5.60 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling an attacker to upload a web shell to a...

9.9CVSS9.6AI score0.00757EPSS
Exploits0References3
RustSec
RustSec
added 2024/01/21 12:0 p.m.8 views

Multiple issues involving quote API

Issue 1: Failure to quote characters Affected versions of this crate allowed the bytes and \xa0 to appear unquoted and unescaped in command arguments. If the output of quote or join is passed to a shell, then what should be a single command argument could be interpreted as multiple arguments. Thi...

9.8CVSS7.3AI score0.0078EPSS
Exploits0Affected Software1
OSV
OSV
added 2021/03/15 11:6 p.m.5 views

USN-4875-1 opensmtpd vulnerabilities

It was discovered that OpenSMTPD incorrectly verified the sender's or receiver's e-mail addresses under certain conditions. An attacker could possibly use this vulnerability to execute arbitrary commands as root. CVE-2020-7247 It was discovered that OpenSMTPD did not properly handle hardlinks und...

10CVSS7.2AI score0.98946EPSS
Exploits41References4
Packet Storm
Packet Storm
added 2006/06/15 12:0 a.m.30 views

SAXON.txt

SaVSaK.CoM | SpC-x - The-BeKiR | SAXON 4.6 Version - Remote File Include Vulnerabilities Risk : High Class: Remote Script : SAXON Credits : SpC-x Thanks : The-BeKiR - Ejder - FasTBoY - ERNE - RMx - Nukedx - Str0ke Code : include"functions.php"; include "config.php"; include $template; Vulnerable ...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/08/12 12:0 a.m.66 views

Easily and Remotely Pipe a Covert Shell on phpBB version 1.4.0 and below

note to editors: please leave all links intact. Easily and Remotely Pipe a Covert Shell on phpBB version 1.4.0 and below found and written by: [email protected] http://www.modernhacker.com phpBB, is an open source bulletin board created by the phpBB group phpbb.com . Versions 1.4.0 and belo...

0.7AI score
Exploits0
Rows per page
Query Builder