550 matches found
PT-2026-53866
Name of the Vulnerable Software and Affected Versions NetScaler ADC affected versions not specified NetScaler Gateway affected versions not specified Description An unauthenticated arbitrary file read issue exists when access to the NSIP NetScaler IP, Cluster Management IP, or SNIP Subnet IP with...
PT-2026-53285
Name of the Vulnerable Software and Affected Versions Page Builder CK versions prior to 3.6.0 Description The Joomla extension Page Builder CK contains a flaw that allows an unauthenticated user to perform an arbitrary file upload. This issue enables the uploading of executable files, which can...
CVE-2026-56066
Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images = 3.11.4 versions...
CVE-2026-54845
Unauthenticated Local File Inclusion in MDTF = 1.3.8 versions...
PT-2026-52136
Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.31 Description Cacti is an open source performance and fault management framework. The software contains an unauthenticated Local File Inclusion LFI issue, which occurs through the graph theme parameter and rrdtool...
EUVD-2025-210228
Unauthenticated Arbitrary File Upload in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site = 1.0.7 versions...
CVE-2025-69175
Unauthenticated Local File Inclusion in Line Agency = 1.3.1 versions...
CVE-2025-69106
Unauthenticated Local File Inclusion in Imba = 1.5.0 versions...
CVE-2026-52705
Unauthenticated Arbitrary File Upload in SigmaForms Pro – AI Generated Forms = 1.4.5 versions...
CVE-2026-39582
Unauthenticated Local File Inclusion in Hitek 1.8.3 versions...
CVE-2025-69129
Unauthenticated Arbitrary File Upload in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site = 1.0.7 versions...
CVE-2025-69118
Unauthenticated Local File Inclusion in CopyPress = 1.4.5 versions...
CVE-2025-60085
Unauthenticated Local File Inclusion in Learnify = 1.15.0 versions...
CVE-2026-40772
Unauthenticated Arbitrary File Upload in GeekyBot = 1.2.2 versions...
CVE-2026-5482
Responsive FileManager's allows an unauthenticated attacker to upload files of any type and extension without restriction using dialog.php endpoint, leading to Remote Code Execution. This project is unmaintained at the time of CVE assignment. The vulnerability was found in the latest release 9.14...
Exploit for CVE-2026-1555
CVE-2026-1555: Unauthenticated Arbitrary File Upload in WebSta...
CVE-2026-53787
Amasty Order Attributes for Magento 2 (versions
PT-2026-48882
Name of the Vulnerable Software and Affected Versions Amasty Order Attributes for Magento 2 versions prior to 4.0.0 Description An unauthenticated arbitrary file upload issue allows attackers to write files of any type or name to the store's media directory. This occurs because the upload endpoin...
Exploit for CVE-2026-3844
CVE-2026-3844 – Breeze Cache WordPress Plugin Unauthenticated...
CVE-2026-35033
Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain an unauthenticated arbitrary file read vulnerability via ffmpeg argument injection through the StreamOptions query parameter parsing mechanism. The ParseStreamOptions method in StreamingHelpers.cs adds any...