Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

22 matches found

OSV
OSVadded 2025/12/01 9:16 a.m.1 views

CVE-2025-13816

A security vulnerability has been detected in moxi159753 Mogu Blog v2 up to 5.2. The impacted element is the function FileOperation.unzip of the file /networkDisk/unzipFile of the component ZIP File Handler. Such manipulation of the argument fileUrl leads to path traversal. The attack may be...

8.8CVSS6.8AI score
Exploits0References5
CVE
CVEadded 2025/12/01 8:32 a.m.5 views

CVE-2025-13816

Summary: CVE-2025-13816 affects moxi159753 Mogu Blog v2 up to 5.2. The vulnerability lies in the ZIP File Handler’s FileOperation.unzip function (in /networkDisk/unzipFile). Manipulating the fileUrl argument enables path traversal, potentially enabling remote, unauthenticated access. Documents in...

8.8CVSS6.4AI score0.00115EPSS
Exploits1References5Affected Software1
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2021-22754

Malware in sbrugna...

8.8CVSS8.6AI score0.00941EPSS
Exploits0References2
Snyk
Snykadded 2025/08/01 11:42 p.m.2 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the unzipFile function in the client.go file, which uses filepath.JoindestDir, f.Name without validating or sanitizing f.Name. An attacker can overwrite arbitrary files on the system outside of the intended...

9.8CVSS8.2AI score0.03359EPSS
Exploits0References2
Snyk
Snykadded 2025/08/01 11:42 p.m.2 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the unzipFile function in the client.go file, which uses filepath.JoindestDir, f.Name without validating or sanitizing f.Name. An attacker can overwrite arbitrary files on the system outside of the intended...

9.8CVSS8.2AI score0.03359EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/05/13 7:25 a.m.19 views

CVE-2025-4533

A vulnerability classified as problematic was found in JeecgBoot up to 3.8.0. This vulnerability affects the function unzipFile of the file /jeecg-boot/airag/knowledge/doc/import/zip of the component Document Library Upload. The manipulation of the argument File leads to resource consumption. The...

5.1CVSS6.9AI score0.00674EPSS
Exploits1References1
CVE
CVEadded 2025/05/11 6:31 a.m.83 views

CVE-2025-4533

CVE-2025-4533 affects JeecgBoot up to 3.8.0. The vulnerability is in the unzipFile function of /jeecg-boot/airag/knowledge/doc/import/zip (Document Library Upload). The attacker can remotely trigger resource consumption by manipulating the File argument, leading to a DoS condition. Multiple conne...

7.5CVSS3.8AI score0.00674EPSS
Exploits1References6Affected Software1
Vulnrichment
Vulnrichmentadded 2025/05/11 6:31 a.m.5 views

CVE-2025-4533 JeecgBoot Document Library Upload zip unzipFile resource consumption

A vulnerability classified as problematic was found in JeecgBoot up to 3.8.0. This vulnerability affects the function unzipFile of the file /jeecg-boot/airag/knowledge/doc/import/zip of the component Document Library Upload. The manipulation of the argument File leads to resource consumption. The...

5.1CVSS6.9AI score0.00674EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2025/05/11 12:0 a.m.2 views

PT-2025-20655 · Unknown · Jeecg-Boot

Name of the Vulnerable Software and Affected Versions: JeecgBoot versions up to 3.8.0 Description: A vulnerability was found in JeecgBoot that affects the function unzipFile of the file /jeecg-boot/airag/knowledge/doc/import/zip of the component Document Library Upload. The manipulation of the...

5.1CVSS3.6AI score0.00674EPSS
Exploits1References12
NVD
NVDadded 2024/11/22 8:15 p.m.11 views

CVE-2024-5581

Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the unzipFile method. The...

7.2CVSS0.12179EPSS
Exploits0References2
OSV
OSVadded 2024/11/22 8:15 p.m.0 views

CVE-2024-5581

Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the unzipFile method. The...

7.2CVSS6.2AI score0.12179EPSS
Exploits0References2
OSV
OSVadded 2024/11/22 8:15 p.m.1 views

CVE-2023-51645

Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...

4.7CVSS6.2AI score
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2024/11/22 8:15 p.m.0 views

CVE-2023-51645

Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...

7.2CVSS6.3AI score0.01783EPSS
Exploits0References3
NVD
NVDadded 2024/11/22 8:15 p.m.11 views

CVE-2023-51645

Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...

7.2CVSS0.01783EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/11/22 8:5 p.m.14 views

CVE-2023-51645 Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability

Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...

7.2CVSS7.5AI score0.01783EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2024/08/22 12:0 a.m.2 views

PT-2024-36588 · Allegra · Allegra

Name of the Vulnerable Software and Affected Versions: Allegra affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this issue. The specific flaw exists within the...

7.2CVSS7.5AI score0.12179EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiativeadded 2024/08/22 12:0 a.m.6 views

Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the unzipFile method. The issue results from the lack of proper validation of a user-supplied path...

7.2CVSS7.4AI score0.12179EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2024/02/09 12:0 a.m.22 views

Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the unzipFile method. The issue...

7.2CVSS7.8AI score0.01783EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/02/09 12:0 a.m.1 views

PT-2024-14221 · Allegra · Allegra

Name of the Vulnerable Software and Affected Versions: Allegra affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this issue, the existing authentication...

7.2CVSS7.8AI score0.01783EPSS
Exploits0References4
OSV
OSVadded 2021/07/13 2:15 p.m.1 views

CVE-2021-36122

An issue was discovered in Echo ShareCare 8.15.5. The UnzipFile feature in Access/EligFeedParseSup/UnzipFileUpd.cfm is susceptible to a command argument injection vulnerability when processing remote input in the zippass parameter from an authenticated user, leading to the ability to inject...

8.8CVSS5.9AI score0.00941EPSS
Exploits0References1
Rows per page
Query Builder