Lucene search
+L

8 matches found

Cvelist
Cvelist
added 2024/03/17 4:21 p.m.38 views

CVE-2024-27957 WordPress Pie Register plugin <= 3.8.3.1 - Unauthenticated Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Pie Register.This issue affects Pie Register: from n/a through 3.8.3.1...

10CVSS9.7AI score0.00612EPSS
Exploits0References1
0day.today
0day.today
added 2023/12/22 12:0 a.m.434 views

Hospital Management System 4.0 XSS / Shell Upload / SQL Injection Vulnerabilities

Hospital Management System versions 4.0 and below suffer from cross site scripting, remote shell upload, and remote SQL injection vulnerabilities. Description: Mutiple vulnerabilties were discovered in Hospital Management System Affected CMS: Hospital Management System Affected Version: unread...

9.8CVSS8.1AI score0.01181EPSS
Exploits6
Packet Storm
Packet Storm
added 2023/03/01 12:0 a.m.432 views

Oracle E-Business Suite (EBS) Unauthenticated Arbitrary File Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/zip' class MetasploitModule 'Oracle E-Business Suite EBS Unauthenticated Arbitrary File Upload', 'Description' = %q This module exploits an unauthenticated...

9.8CVSS0.2AI score0.98342EPSS
Exploits7
Wordfence Blog
Wordfence Blog
added 2023/02/23 4:30 p.m.180 views

Wordfence Intelligence CE Weekly Vulnerability Report (Feb 13, 2023 to Feb 19, 2023)

Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence Community Edition. This database is continuously updated, maintained, and populated by Wordfences highly credentialed and experienced...

0.1AI score0.04427EPSS
Exploits21
wpexploit
wpexploit
added 2022/09/05 12:0 a.m.111 views

Scripts Organizer < 3.0 - Unauthenticated Arbitrary File Upload

The plugin does not have capability and CSRF checks in the saveScript AJAX action, available to both unauthenticated and authenticated users, and does not validate user input in any way, which could allow unauthenticated users to put arbitrary PHP code in a file POST /wp-admin/admin-ajax.php...

8.8CVSS1.1AI score0.00462EPSS
Exploits2References1
Cvelist
Cvelist
added 2021/11/01 8:45 a.m.28 views

CVE-2018-25019 LearnDash < 2.5.4 - Unauthenticated Arbitrary File Upload

The LearnDash LMS WordPress plugin before 2.5.4 does not have any authorisation and validation of the file to be uploaded in the learndashassignmentprocessinit function, which could allow unauthenticated users to upload arbitrary files to the web server...

7.7AI score0.01531EPSS
Exploits1References2
Patchstack
Patchstack
added 2021/03/27 12:0 a.m.29 views

WordPress N5 Upload Form plugin <= 1.0 - Unauthenticated Arbitrary File Upload vulnerability leading to Remote Code Execution (RCE)

Unauthenticated Arbitrary File Upload vulnerability leading to Remote Code Execution RCE discovered by Jin Huang in WordPress N5 Upload Form plugin versions = 1.0. Solution Plugin closed. Deactivate and delete...

9.8CVSS4.2AI score0.02207EPSS
Exploits2References3Affected Software1
Exploit DB
Exploit DB
added 2017/03/22 12:0 a.m.149 views

Solare Datensysteme Solar-Log Devices 2.8.4-56/3.5.2-85 - Multiple Vulnerabilities

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Solare Datensysteme GmbH Solar-Log 250/300/500/800e/1000/1000 PM+/1200/2000 vulnerable version: Firmware 2.8.4-56 / 3.5.2-85 fixed...

5CVSS6.6AI score0.03202EPSS
Exploits4
Rows per page
Query Builder