Lucene search
K

210 matches found

EUVD
EUVD
added 2026/04/23 12:10 a.m.5 views

EUVD-2026-25150

PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.4.3, the upload PATCH flow under /files/:uploadId validates the mounted request path using the still-encoded req.path, but the downstream tus handler later writes using the decoded req.params.uploadId. In...

7.5CVSS5.8AI score0.00307EPSS
Exploits0References3
CVE
CVE
added 2026/04/23 12:10 a.m.18 views

CVE-2026-41180

Summary: PsiTransfer before 2.4.3 is vulnerable to a path traversal in the upload PATCH flow (/files/:uploadId). The attack can abuse a mounted request path vs the downstream tus handler’s decoded uploadId to cause an unauthenticated attacker to create a file named with a pattern like config..js ...

7.5CVSS5.8AI score0.00307EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/11 7:40 a.m.34 views

CVE-2026-5809 wpForo Forum <= 3.0.2 - Authenticated (Subscriber+) Arbitrary File Deletion via 'data[body][fileurl]' Parameter

The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 3.0.2. This is due to a two-step logic flaw: the topicadd and topicedit action handlers accept arbitrary user-supplied data arrays from $REQUEST and store them as postmeta without...

7.1CVSS0.00499EPSS
Exploits0References9
NVD
NVD
added 2026/04/06 10:16 p.m.9 views

CVE-2026-35412

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...

8.1CVSS0.00302EPSS
Exploits0References1
OSV
OSV
added 2026/03/31 11:53 p.m.3 views

GHSA-QF48-QFV4-JJM9 OpenClaw: Feishu extension resolveUploadInput bypasses file-system sandbox and allows arbitrary file reads via upload_image

Summary Feishu upload path resolution could read files outside the configured localRoots sandbox before handing them to the upload path. Impact A tool caller constrained to workspace or localRoots paths could exfiltrate arbitrary host files through Feishu upload actions. Affected Component...

6CVSS6AI score0.00339EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/31 8:31 p.m.6 views

EUVD-2026-17622

Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, Admidio relies on admmyfiles/.htaccess to deny direct HTTP access to uploaded documents. The Docker image ships with AllowOverride None in the Apache configuration, which causes Apache to silently igno...

7.5CVSS5.7AI score0.00575EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.4 views

CVE-2026-4207

A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This impacts the function...

9.8CVSS6.3AI score0.03774EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.13 views

SiYuan 安全漏洞

SiYuan is a privacy-oriented personal knowledge management system developed by SiYuan itself. Versions of SiYuan 3.6.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from improper cleaning of upload file paths, allowing administrators to write files to arbitrary...

9.1CVSS6.8AI score0.00434EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/02/23 1:31 p.m.4 views

CVE-2026-2945

A weakness has been identified in JeecgBoot 3.9.0. Affected by this vulnerability is an unknown functionality of the file /sys/common/uploadImgByHttp. Executing a manipulation of the argument fileUrl can lead to server-side request forgery. The attack may be launched remotely. The exploit has bee...

6.5CVSS6.2AI score0.0025EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/02/22 1:2 p.m.34 views

CVE-2026-2945 JeecgBoot uploadImgByHttp server-side request forgery

A weakness has been identified in JeecgBoot 3.9.0. Affected by this vulnerability is an unknown functionality of the file /sys/common/uploadImgByHttp. Executing a manipulation of the argument fileUrl can lead to server-side request forgery. The attack may be launched remotely. The exploit has bee...

6.5CVSS0.0025EPSS
Exploits1References4
OSV
OSV
added 2026/02/18 12:46 a.m.5 views

GHSA-CV7M-C9JX-VG7Q OpenClaw has a path traversal in browser upload allows local file read

Summary Authenticated attackers can read arbitrary files from the Gateway host by supplying absolute paths or path traversal sequences to the browser tool's upload action. The server passed these paths to Playwright's setInputFiles APIs without restricting them to a safe root. Severity remains Hi...

7.1CVSS5.9AI score0.00408EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.8 views

WordPress plugin Migration, Backup, Staging – WPvivid Backup & Migration 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...

9.8CVSS7.8AI score0.32714EPSS
Exploits13References8
Packet Storm
Packet Storm
added 2026/01/26 12:0 a.m.142 views

📄 ManageEngine DeviceExpert 5.6 Traversal / Code Execution

Proof of concept exploit for ManageEngine DeviceExpert version 5.6 that injects PHP code into a user agent and uses a path traversal vulnerability to execute code...

6AI score
Exploits0
NVD
NVD
added 2026/01/23 10:16 p.m.9 views

CVE-2025-70457

A Remote Code Execution RCE vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save...

9.8CVSS0.00832EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/01/21 5:27 p.m.5 views

CVE-2021-47746

NodeBB Plugin Emoji 3.2.1 contains an arbitrary file write vulnerability that allows administrative users to write files to arbitrary system locations through the emoji upload API. Attackers with admin access can craft file upload requests with directory traversal to overwrite system files by...

8.6CVSS5.5AI score0.00664EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/01/01 10:2 p.m.14 views

CVE-2025-15415

The CVE concerns xnx3 wangmarket (up to 6.4) in the XML File Handler, specifically the uploadImage function at /sits/uploadImage.do. The issue arises from manipulating the image parameter, enabling unrestricted file uploads and remote exploitation. Public exploitation has been disclosed; vendor d...

5.8CVSS6.3AI score0.00206EPSS
Exploits1References4Affected Software1
Snyk
Snyk
added 2025/12/29 7:43 p.m.1 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal due to insufficient sanitization of directory names ending with a "." in the upload process. An attacker can write files outside the intended datastore directory by crafting directory names that end with "%2E". This ...

8.2CVSS7.7AI score0.00471EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/12/25 6:20 a.m.13 views

CVE-2025-13407

The Gravity Forms WordPress plugin before 2.9.23.1 does not properly prevent users from uploading dangerous files through its chunked upload functionality, allowing attackers to upload PHP files to affected sites and achieve Remote Code Execution, granted they can discover or enumerate the upload...

6.8CVSS7.3AI score0.00315EPSS
Exploits2References1
NVD
NVD
added 2025/12/24 6:15 a.m.8 views

CVE-2025-13407

The Gravity Forms WordPress plugin before 2.9.23.1 does not properly prevent users from uploading dangerous files through its chunked upload functionality, allowing attackers to upload PHP files to affected sites and achieve Remote Code Execution, granted they can discover or enumerate the upload...

6.8CVSS0.00315EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/12/24 6:0 a.m.33 views

CVE-2025-13407 GravityForms < 2.9.23.1 - Unauthenticated Arbitrary File Upload

The Gravity Forms WordPress plugin before 2.9.23.1 does not properly prevent users from uploading dangerous files through its chunked upload functionality, allowing attackers to upload PHP files to affected sites and achieve Remote Code Execution, granted they can discover or enumerate the upload...

0.00315EPSS
Exploits2References1
Rows per page
Query Builder