Lucene search
K

14 matches found

NVD
NVD
added 2026/03/11 4:16 p.m.5 views

CVE-2026-22248

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. From 11.0.0 to before 11.0.5, an authenticated technician user can upload a malicious file and trigger its execution through an unsafe PHP...

8.8CVSS0.00315EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/21 5:27 p.m.7 views

EUVD-2026-3636

phpPgAdmin 7.13.0 contains a remote command execution vulnerability that allows authenticated attackers to execute arbitrary system commands through SQL query manipulation. Attackers can create a custom table, upload a malicious .txt file, and use the COPY FROM PROGRAM command to execute operatin...

8.8CVSS6.5AI score0.00262EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-52317

Malicious code in bioql PyPI...

5.5CVSS5.8AI score0.00436EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:47 a.m.6 views

CVE-2024-34683

An authenticated attacker can upload malicious file to SAP Document Builder service. When the victim accesses this file, the attacker is allowed to access, modify, or make the related information unavailable in the victim’s browser...

6.5CVSS6.6AI score0.00241EPSS
Exploits0References1
CVE
CVE
added 2025/01/14 12:0 a.m.72 views

CVE-2024-48760

GestioIP 3.5.7 has a remote code execution (RCE) via the file upload feature. An attacker can upload a malicious perlcmd.cgi that overwrites upload.cgi, enabling arbitrary commands on the server. CVSSv3.1: 9.8 (CRITICAL), AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. Exploitation details appear in exploit...

9.8CVSS7.8AI score0.45109EPSS
Exploits5References3Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2024/12/18 12:0 a.m.5 views

VulnCheck KEV: CVE-2024-12686

BeyondTrust Privileged Remote Access PRA and Remote Support RS contain an OS command injection vulnerability that can be exploited by an attacker with existing administrative privileges to upload a malicious file. Successful exploitation of this vulnerability can allow a remote attacker to...

7.2CVSS5.9AI score0.13788EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/01/10 12:0 a.m.6 views

PT-2024-13559 · Rexroth +1 · Nexo Cordless Nutrunner Nxa011S-36V +8

Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue allows an authenticated remote attacker to upload a malicious file to the SD card containing arbitrary client-side script code and obtain its execution inside a victim’s session...

5.5CVSS5.7AI score0.00436EPSS
Exploits0References5
OSV
OSV
added 2022/09/14 11:15 a.m.6 views

CVE-2022-37140

PayMoney 3.3 is vulnerable to Client Side Remote Code Execution RCE. The vulnerability exists on the reply ticket function and upload the malicious file. A calculator will open when the victim who download the file open the RTF file...

8CVSS5.9AI score0.0133EPSS
Exploits2References2
OSV
OSV
added 2022/07/14 6:15 p.m.2 views

CVE-2022-22450

IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security in an HTTP request. IBM X-Force ID: 224916...

3.8CVSS6.1AI score
Exploits0References2
OSV
OSV
added 2021/11/23 8:15 p.m.6 views

CVE-2021-36311

Dell EMC Networker versions prior to 19.5 contain an Improper Authorization vulnerability. Any local malicious user with networker user privileges may exploit this vulnerability to upload malicious file to unauthorized locations and execute it...

7.8CVSS7.2AI score0.00195EPSS
Exploits0References1
OSV
OSV
added 2021/06/16 12:15 p.m.3 views

CVE-2021-27489

ZOLL Defibrillator Dashboard, v prior to 2.2, The web application allows a non-administrative user to upload a malicious file. This file could allow an attacker to remotely execute arbitrary commands...

8.8CVSS6AI score0.01291EPSS
Exploits0References1
Prion
Prion
added 2020/02/12 11:15 p.m.15 views

Design/Logic Flaw

Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 82002228K 08/09/2018, bios Version 1.2. Successful exploitation of this vulnerability could allow an attacker to upload a malicious file to the application...

4CVSS5.3AI score0.00789EPSS
Exploits0References1Affected Software2
OSV
OSV
added 2019/05/16 1:29 a.m.4 views

CVE-2019-1822

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist because t...

7.2CVSS6AI score0.04415EPSS
Exploits1References2
OSV
OSV
added 2019/03/28 12:29 a.m.7 views

CVE-2019-1743

A vulnerability in the web UI framework of Cisco IOS XE Software could allow an authenticated, remote attacker to make unauthorized changes to the filesystem of the affected device. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by crafting a...

8.8CVSS6.8AI score0.02208EPSS
Exploits0References2
Rows per page
Query Builder