Lucene search
K

5279 matches found

Nuclei
Nuclei
added 16 hours ago92 views

TI WooCommerce Wishlist <= 2.9.2 - Arbitrary File Upload

TemplateInvaders TI WooCommerce Wishlist = 2.10.0 contains an unrestricted file upload vulnerability caused by lack of proper file type validation, letting attackers upload web shells to the server, exploit requires no special privileges. id: CVE-2025-47577 info: name: TI WooCommerce Wishlist =...

10CVSS7.3AI score0.05128EPSS
Exploits2References3
EUVD
EUVD
added yesterday6 views

EUVD-2026-41792

A weakness has been identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this issue is some unknown functionality of the file /announcements.php. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit has...

6.5CVSS6.4AI score0.00214EPSS
Exploits0References7
EUVD
EUVD
added yesterday6 views

EUVD-2026-41790

A vulnerability was identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected is an unknown function of the file /processlesson.php. Such manipulation of the argument userid leads to unrestricted upload. The attack may be launched remotely. The exploit is publicly...

6.5CVSS5.7AI score0.00214EPSS
Exploits0References7
NVD
NVD
added 2 days ago7 views

CVE-2026-14776

A security flaw has been discovered in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this vulnerability is the function pathinfo of the file /uploadfiles.php of the component Filename Extension. Performing a manipulation results in unrestricted upload. Remote...

6.5CVSS0.00214EPSS
Exploits0References6
NVD
NVD
added 2 days ago6 views

CVE-2026-14775

A vulnerability was identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected is an unknown function of the file /processlesson.php. Such manipulation of the argument userid leads to unrestricted upload. The attack may be launched remotely. The exploit is publicly...

6.5CVSS0.00214EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2 days ago6 views

CVE-2026-14777

A weakness has been identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this issue is some unknown functionality of the file /announcements.php. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit has...

6.5CVSS6.4AI score0.00214EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2 days ago28 views

CVE-2026-14777 SourceCodester Onlne Examination & Learning Management System announcements.php unrestricted upload

A weakness has been identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this issue is some unknown functionality of the file /announcements.php. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit has...

6.5CVSS0.00214EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2 days ago6 views

CVE-2026-14776

A security flaw has been discovered in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this vulnerability is the function pathinfo of the file /uploadfiles.php of the component Filename Extension. Performing a manipulation results in unrestricted upload. Remote...

6.5CVSS6.3AI score0.00214EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2 days ago25 views

CVE-2026-14776 SourceCodester Onlne Examination & Learning Management System Filename Extension upload_files.php pathinfo unrestricted upload

A security flaw has been discovered in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this vulnerability is the function pathinfo of the file /uploadfiles.php of the component Filename Extension. Performing a manipulation results in unrestricted upload. Remote...

6.5CVSS0.00214EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago27 views

CVE-2026-14775 SourceCodester Onlne Examination & Learning Management System process_lesson.php unrestricted upload

A vulnerability was identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected is an unknown function of the file /processlesson.php. Such manipulation of the argument userid leads to unrestricted upload. The attack may be launched remotely. The exploit is publicly...

6.5CVSS0.00214EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2 days ago11 views

CVE-2026-14775

A vulnerability was identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected is an unknown function of the file /processlesson.php. Such manipulation of the argument userid leads to unrestricted upload. The attack may be launched remotely. The exploit is publicly...

6.5CVSS6.4AI score0.00214EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2 days ago9 views

CVE-2026-14775

The CVE concerns SourceCodester Onlne Examination & Learning Management System 1.0. Affected is an unknown function in the file /process_lesson.php where manipulation of the argument user_id leads to unrestricted upload. The attack can be launched remotely, and an exploit is publicly available. T...

6.5CVSS6.4AI score0.00214EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-14736 Ruijie RG-UAC user_auth_commit.php unrestricted upload

A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file userauthcommit.php. Performing a manipulation of the argument uploadimage results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS0.00452EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2 days ago5 views

CVE-2026-14736

A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file userauthcommit.php. Performing a manipulation of the argument uploadimage results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS6.6AI score0.00452EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-41744

A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file userauthcommit.php. Performing a manipulation of the argument uploadimage results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS6.6AI score0.00452EPSS
Exploits0References5
NVD
NVD
added 2 days ago7 views

CVE-2026-14698

A security flaw has been discovered in SourceCodester Syllabus-Aligned Learning Management and Examination System 1.0. Impacted is an unknown function of the file uploadfiles.php. Performing a manipulation results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

6.5CVSS0.00209EPSS
Exploits0References6
CVE
CVE
added 2 days ago10 views

CVE-2026-14698

CVE-2026-14698 affects SourceCodester Syllabus-Aligned Learning Management and Examination System 1.0, with the vulnerability in file upload_files.php allowing unrestricted file upload after input manipulation. The CVSS metrics indicate a network-accessible, low-privilege, low-impact vulnerabilit...

6.5CVSS6.3AI score0.00209EPSS
Exploits0References6
EUVD
EUVD
added 2 days ago8 views

EUVD-2026-41723

A security flaw has been discovered in SourceCodester Syllabus-Aligned Learning Management and Examination System 1.0. Impacted is an unknown function of the file uploadfiles.php. Performing a manipulation results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

6.5CVSS5.6AI score0.00209EPSS
Exploits0References6
Nuclei
Nuclei
added 4 days ago49 views

Traccar - Unrestricted File Upload

Traccar is an open source GPS tracking system. Versions prior to 6.0 are vulnerable to path traversal and unrestricted upload of file with dangerous type. Since the system allows registration by default, attackers can acquire ordinary user permissions by registering an account and exploit this...

8.5CVSS7.4AI score0.54413EPSS
Exploits9References3
CVE
CVE
added 2026/06/30 3:11 p.m.20 views

CVE-2026-48276

CVE-2026-48276 affects ColdFusion versions 2025.9, 2023.20 and earlier. The issue is an Unrestricted Upload of File with Dangerous Type (CWE-434) that could lead to arbitrary code execution in the context of the current user. Exploitation does not require user interaction. The vulnerability scope...

10CVSS6.4AI score0.00917EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder