Lucene search
K

11 matches found

EUVD
EUVD
added 2026/06/15 12:0 p.m.8 views

EUVD-2018-21958

WordPress Plugin Baggage Freight Shipping Australia 0.1.0 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files by exploiting the upload-package.php endpoint. Attackers can submit POST requests with malicious file extensions to the uplo...

9.8CVSS6AI score0.00661EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/15 12:0 p.m.32 views

CVE-2018-25436 WordPress Plugin Baggage Freight Shipping Australia 0.1.0 Arbitrary File Upload

WordPress Plugin Baggage Freight Shipping Australia 0.1.0 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files by exploiting the upload-package.php endpoint. Attackers can submit POST requests with malicious file extensions to the uplo...

9.8CVSS0.00661EPSS
Exploits0References4
CVE
CVE
added 2026/06/15 12:0 p.m.15 views

CVE-2018-25436

The CVE concerns the WordPress plugin Baggage Freight Shipping Australia version 0.1.0, where an unrestricted file upload vulnerability exists via the upload-package.php endpoint. Unauthenticated attackers can submit POST requests with malicious file extensions, and the handler moves files to the...

9.8CVSS6.1AI score0.00661EPSS
Exploits0References4
OSV
OSV
added 2025/08/14 6:52 p.m.7 views

MAL-2025-37923 Malicious code in upload_package (npm)

The package uploadpackage was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/03/03 1:13 p.m.4 views

MAL-2025-1690 Malicious code in @kamotive/api-file-upload (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
GithubExploit
GithubExploit
added 2024/08/21 7:58 p.m.211 views

Exploit for CVE-2024-22263

CVE-2024-22263Scanner For Ethical Usage only, Any harmful or...

8.8CVSS7.3AI score0.17537EPSS
Exploits1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:49 p.m.6 views

Malicious code in ba-upload (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
NVD
NVD
added 2024/06/19 3:15 p.m.27 views

CVE-2024-22263

Spring Cloud Data Flow is a microservices-based Streaming and Batch data processing in Cloud Foundry and Kubernetes. The Skipper server has the ability to receive upload package requests. However, due to improper sanitization for upload path, a malicious user who has access to skipper server api...

8.8CVSS0.17537EPSS
Exploits1References1
NVD
NVD
added 2022/09/09 8:15 a.m.16 views

CVE-2022-2528

In affected versions of Octopus Deploy it is possible to upload a package to built-in feed with insufficient permissions after re-indexing packages...

6.5CVSS0.00429EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:26 p.m.5 views

Malicious code in @md-fe/antd-upload (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8b542149e81bea611059ed8fa1900541987c8fcea126948c3ef6b31c986161ca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2019/08/05 6:15 p.m.2 views

CVE-2019-11198

Multiple cross-site scripting XSS vulnerabilities in Sitecore CMS 9.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 300583 - List Manager Dashboard module, 2 307638 - Campaign Creator module, 3 316994 - Attributes field, 4 I316995 - Icon Selection module, 5...

6.1CVSS6.4AI score
Exploits0References2
Rows per page
Query Builder