7 matches found

Cvelist
added 2025/12/01 8:32 a.m. | 9 views

CVE-2025-13816 moxi159753 Mogu Blog v2 ZIP File unzipFile FileOperation.unzip path traversal

A security vulnerability has been detected in moxi159753 Mogu Blog v2 up to 5.2. The impacted element is the function FileOperation.unzip of the file /networkDisk/unzipFile of the component ZIP File Handler. Such manipulation of the argument fileUrl leads to path traversal. The attack may be...

CVSS 6.5 | EPSS 0.00531
Exploits 1 | References 5
Snyk
added 2025/08/01 11:42 p.m. | 4 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal via the unzipFile function in the client.go file, which uses filepath.Join(destDir, f.Name) without validating or sanitizing f.Name. An attacker can overwrite arbitrary files on the system outside of the intended...

CVSS 9.8 | AI score 8.2 | EPSS 0.01035
Exploits 0 | References 2
Snyk
added 2025/08/01 11:42 p.m. | 3 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal via the unzipFile function in the client.go file, which uses filepath.Join(destDir, f.Name) without validating or sanitizing f.Name. An attacker can overwrite arbitrary files on the system outside of the intended...

CVSS 9.8 | AI score 8.2 | EPSS 0.01035
Exploits 0 | References 2
OSV
added 2021/07/13 2:15 p.m. | 2 views

CVE-2021-36122

An issue was discovered in Echo ShareCare 8.15.5. The UnzipFile feature in Access/EligFeedParseSup/UnzipFileUpd.cfm is susceptible to a command argument injection vulnerability when processing remote input in the zippass parameter from an authenticated user, leading to the ability to inject...

CVSS 8.8 | AI score 5.9 | EPSS 0.01023
Exploits 0 | References 1
CNVD
added 2018/11/29 12:0 a.m. | 3 views

WordPress Yoast SEO Plugin Race Condition Vulnerability

WordPress is a blogging platform from the WordPress Software Foundation, developed using the PHP language; the platform supports setting up a personal blog site on PHP and MySQL servers. The Yoast SEO (wordpress-seo) plugin is one of its search engine optimization plugins. A race conditio...

CVSS 6.6 | AI score 7 | EPSS 0.03205
Exploits 1 | References 1
OSV
added 2018/11/28 10:29 p.m. | 3 views

CVE-2018-19370

A race condition vulnerability in unzipfile in admin/import/class-import-settings.php in the Yoast SEO wordpress-seo plugin before 9.2.0 for WordPress allows an SEO Manager to perform command execution on the Operating System via a ZIP import...

CVSS 6.6 | AI score 5.9 | EPSS 0.03205
Exploits 1 | References 3
CNVD
added 2018/07/18 12:0 a.m. | 1 views

GNU Libextractor Buffer Overflow Vulnerability

GNU Libextractor is a set of libraries developed by the GNU Project for extracting metadata from files. A stack-based buffer overflow vulnerability exists in the 'ecreadfilefunc' function of the unzip.c file in GNU Libextractor versions prior to 1.7. An attacker can exploit this vulnerability to execute...

CVSS 8.8 | AI score 8.9 | EPSS 0.02089
Exploits 1 | References 1