CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

NVD•added 2026/03/24 12:16 p.m.•4 views

CVE-2019-25647

PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...

8.8CVSS0.00798EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2006-0177

Malware in sbrugna...

7.5CVSS6.4AI score0.01859EPSS

Exploits1References7

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-25521

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00713EPSS

Exploits0References1

Positive Technologies•added 2025/08/19 12:0 a.m.•9 views

PT-2025-33851 · Logicdata · Logicdata Ecommerce Framework

Name of the Vulnerable Software and Affected Versions: LogicData eCommerce Framework version 5.0.9.7000 Description: An authenticated arbitrary file upload issue exists in the Content Explorer feature. This allows attackers to execute arbitrary code by uploading a crafted file. Recommendations: A...

10CVSS7.7AI score0.98253EPSS

Exploits54References5

RedhatCVE•added 2025/07/11 1:28 a.m.•12 views

CVE-2025-34083

An unrestricted file upload vulnerability exists in the WordPress AIT CSV Import/Export plugin ≤ 3.0.3. The plugin exposes an upload handler at upload-handler.php that allows arbitrary file upload via a multipart/form-data POST request. This endpoint does not enforce authentication or content-typ...

10CVSS7.7AI score

Exploits1References1

RedhatCVE•added 2025/05/22 6:35 p.m.•7 views

CVE-2021-27459

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The webserver of the affected products allows unvalidated files to be uploaded, which an attacker could utilize to execute arbitrary code...

9.8CVSS7.5AI score0.01752EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 3:42 p.m.•9 views

CVE-2020-5237

Multiple relative path traversal vulnerabilities in the oneup/uploader-bundle before 1.9.3 and 2.1.5 allow remote attackers to upload, copy, and modify files on the filesystem potentially leading to arbitrary code execution via the 1 filename parameter to BlueimpController.php; the 2 dzchunkindex...

8.8CVSS7.5AI score0.03929EPSS

Exploits1

NVD•added 2025/01/07 4:15 p.m.•6 views

CVE-2024-53345

An authenticated arbitrary file upload vulnerability in Car Rental Management System v1.0 to v1.3 allows attackers to execute arbitrary code via uploading a crafted file...

8.8CVSS0.01277EPSS

Exploits1References2

OSV•added 2024/07/12 4:15 p.m.•6 views

CVE-2024-40545

An arbitrary file upload vulnerability in the component /admin/cmsWebFile/doUpload of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file...

8.8CVSS7.7AI score

Exploits0References1

NVD•added 2023/05/12 11:15 a.m.•24 views

CVE-2023-29657

eXtplorer 2.1.15 is vulnerable to Insecure Permissions. File upload in file manager allows uploading zip file containing php pages with arbitrary code executions...

8.8CVSS8.9AI score0.01095EPSS

Exploits1References2

exploitpack•added 2012/05/21 12:0 a.m.•14 views

Acuity CMS 2.6.2 - adminfile_managerfile_upload_submit.asp Multiple Arbitrary File Upload Code Executions

Acuity CMS 2.6.2 - adminfilemanagerfileuploadsubmit.asp Multiple Arbitrary File Upload Code Executions source: https://www.securityfocus.com/bid/53616/info Acuity CMS is prone to a directory-traversal vulnerability and an arbitrary-file-upload vulnerability. An attacker can exploit these issues t...

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by