Lucene search
K

85 matches found

RedhatCVE
RedhatCVE
added 2025/08/31 6:11 p.m.5 views

CVE-2025-58158

Harness Open Source is an end-to-end developer platform with Source Control Management, CI/CD Pipelines, Hosted Developer Environments, and Artifact Registries. Prior to version 3.3.0, Open Source Harness git LFS server Gitness exposes api to retrieve and upload files via git LFS. Implementation ...

8.8CVSS7AI score0.00459EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:52 a.m.8 views

CVE-2023-33386

MarsCTF 1.2.1 has an arbitrary file upload vulnerability in the interface for uploading attachments in the background...

9.8CVSS7.1AI score0.01007EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:25 a.m.6 views

CVE-2023-21640

Memory corruption in Linux when the file upload API is called with parameters having large buffer...

7.8CVSS7.2AI score0.00109EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:43 p.m.7 views

CVE-2020-5738

Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker uploads a specially crafted tar file to the HTTP /cgi-bin/uploadvpntar interface...

9CVSS7.1AI score0.05424EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:8 a.m.6 views

CVE-2019-19370

A cross-site scripting XSS vulnerability in the web conferencing component of the Mitel MiCollab application before 9.0.15 for Android could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient validation in the file upload interface. A...

6.1CVSS6.2AI score0.01042EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:36 a.m.7 views

CVE-2018-20925

cPanel before 70.0.23 allows local privilege escalation via the WHM Legacy Language File Upload interface SEC-379...

6.7CVSS7.1AI score0.00309EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/27 7:15 a.m.19 views

CVE-2025-2743

A vulnerability, which was classified as problematic, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. This issue affects some unknown processing of the file /admin-api/mp/material/upload-temporary of the component Material Upload Interface. The manipulation of the argument File leads to path...

8.1CVSS6.8AI score0.00771EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/03/26 8:23 p.m.9 views

CVE-2025-2708

A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1. This affects an unknown part of the file /admin-api/infra/file/upload of the component Backend File Upload Interface. The manipulation of the argument path leads to path traversal. It is possible to...

9.1CVSS7AI score0.00809EPSS
Exploits1References1
NVD
NVD
added 2025/03/25 7:15 a.m.26 views

CVE-2025-2744

A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected is an unknown function of the file /admin-api/mp/material/upload-news-image of the component Material Upload Interface. The manipulation of the argument File leads to path traversal. It is...

5.5CVSS0.00651EPSS
Exploits1References4
OSV
OSV
added 2025/03/25 7:15 a.m.5 views

CVE-2025-2744

A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected is an unknown function of the file /admin-api/mp/material/upload-news-image of the component Material Upload Interface. The manipulation of the argument File leads to path traversal. It is...

5.3CVSS5.3AI score0.00651EPSS
Exploits1References4
OSV
OSV
added 2025/03/25 7:15 a.m.5 views

CVE-2025-2743

A vulnerability, which was classified as problematic, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. This issue affects some unknown processing of the file /admin-api/mp/material/upload-temporary of the component Material Upload Interface. The manipulation of the argument File leads to path...

8.1CVSS5AI score0.00771EPSS
Exploits1References4
OSV
OSV
added 2025/03/25 7:15 a.m.6 views

CVE-2025-2742

A vulnerability classified as critical was found in zhijiantianya ruoyi-vue-pro 2.4.1. This vulnerability affects unknown code of the file /admin-api/mp/material/upload-permanent of the component Material Upload Interface. The manipulation of the argument File leads to path traversal. The attack...

8.1CVSS5.4AI score0.00772EPSS
Exploits1References4
NVD
NVD
added 2025/03/25 7:15 a.m.27 views

CVE-2025-2743

A vulnerability, which was classified as problematic, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. This issue affects some unknown processing of the file /admin-api/mp/material/upload-temporary of the component Material Upload Interface. The manipulation of the argument File leads to path...

8.1CVSS0.00771EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/03/25 7:0 a.m.22 views

CVE-2025-2744 zhijiantianya ruoyi-vue-pro Material Upload Interface upload-news-image path traversal

A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected is an unknown function of the file /admin-api/mp/material/upload-news-image of the component Material Upload Interface. The manipulation of the argument File leads to path traversal. It is...

5.5CVSS0.00651EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/03/25 7:0 a.m.32 views

CVE-2025-2743 zhijiantianya ruoyi-vue-pro Material Upload Interface upload-temporary path traversal

A vulnerability, which was classified as problematic, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. This issue affects some unknown processing of the file /admin-api/mp/material/upload-temporary of the component Material Upload Interface. The manipulation of the argument File leads to path...

5.3CVSS0.00771EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/03/25 7:0 a.m.11 views

CVE-2025-2743 zhijiantianya ruoyi-vue-pro Material Upload Interface upload-temporary path traversal

A vulnerability, which was classified as problematic, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. This issue affects some unknown processing of the file /admin-api/mp/material/upload-temporary of the component Material Upload Interface. The manipulation of the argument File leads to path...

5.3CVSS7AI score0.00771EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/03/25 6:31 a.m.8 views

CVE-2025-2742 zhijiantianya ruoyi-vue-pro Material Upload Interface upload-permanent path traversal

A vulnerability classified as critical was found in zhijiantianya ruoyi-vue-pro 2.4.1. This vulnerability affects unknown code of the file /admin-api/mp/material/upload-permanent of the component Material Upload Interface. The manipulation of the argument File leads to path traversal. The attack...

5.5CVSS7.2AI score0.00772EPSS
Exploits1References4
CVE
CVE
added 2025/03/25 6:31 a.m.84 views

CVE-2025-2742

CVE-2025-2742 affects zhijiantianya ruoyi-vue-pro 2.4.1. The vulnerability exists in the Material Upload Interface’s /admin-api/mp/material/upload-permanent path, where manipulation of the File argument leads to path traversal. Remote exploitation is possible, and the exploit has been publicly di...

8.1CVSS7.2AI score0.00772EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/03/24 12:0 a.m.4 views

PT-2025-12574 · Unknown · Zhijiantianya Ruoyi-Vue-Pro

Name of the Vulnerable Software and Affected Versions: zhijiantianya ruoyi-vue-pro version 2.4.1 Description: A critical vulnerability was found in the Backend File Upload Interface of zhijiantianya ruoyi-vue-pro. This affects an unknown part of the file "/admin-api/infra/file/upload" and allows...

9.1CVSS5.3AI score0.00809EPSS
Exploits1References12
RedhatCVE
RedhatCVE
added 2025/02/14 5:8 a.m.10 views

CVE-2024-36858

An arbitrary file upload vulnerability in the /v1/app/writeFileSync interface of Jan v0.4.12 allows attackers to execute arbitrary code via uploading a crafted file...

9.8CVSS7.7AI score0.0306EPSS
Exploits1References3
Rows per page
Query Builder