3 matches found
CVE-2020-19302
The CVE-2020-19302 issue affects vaeThink v1.0.1, where the avatar upload function accepts arbitrary file uploads. The root cause is that uploaded files can be misrepresented by changing the suffix to ".php", enabling an attacker to execute a webshell. Impact is high per the cited sources, with...
File Upload Vulnerability in Longcai MX
Longcai MX is a marketing website that caters to consumer needs and buying desires. A file upload vulnerability exists in Longcai MX, where an attacker can construct an upload form to upload a file and, at the same time, intercept the request to modify the file suffix to further gain control of the web serv...
Unspecified vulnerability in Prosody mod_dialback module
Prosody is a suite of Jabber/XMPP communication server software written in Lua. mod_dialback is one of the authentication modules used for communication between local servers. A security vulnerability exists in the 'generate_dialback' function in the mod_dialback module in versions of Prosody prior ...