Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

24 matches found

RedhatCVE
RedhatCVEadded last week7 views

CVE-2026-6625

A security vulnerability has been detected in moxi624 Mogu Blog v2 up to 5.2. Affected by this vulnerability is the function LocalFileServiceImpl.uploadPictureByUrl of the file mogupicture/src/main/java/com/moxi/mogublog/picture/service/impl/LocalFileServiceImpl.java of the component Picture...

7.5CVSS6.6AI score0.00054EPSS
Exploits0References1
NVD
NVDadded 2026/04/20 10:16 a.m.5 views

CVE-2026-6625

A security vulnerability has been detected in moxi624 Mogu Blog v2 up to 5.2. Affected by this vulnerability is the function LocalFileServiceImpl.uploadPictureByUrl of the file mogupicture/src/main/java/com/moxi/mogublog/picture/service/impl/LocalFileServiceImpl.java of the component Picture...

7.5CVSS0.00054EPSS
Exploits0References4
CVE
CVEadded 2026/04/20 9:30 a.m.8 views

CVE-2026-6625

CVE-2026-6625 affects moxi624 Mogu Blog v2 up to 5.2; the vulnerability is in LocalFileServiceImpl.uploadPictureByUrl (mogu_picture/src/main/java/com/moxi/mogublog/picture/service/impl/LocalFileServiceImpl.java) and enables server-side request forgery. It can be exploited remotely; the exploit ha...

7.5CVSS6.5AI score0.00054EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/04/20 9:30 a.m.2 views

CVE-2026-6625

A security vulnerability has been detected in moxi624 Mogu Blog v2 up to 5.2. Affected by this vulnerability is the function LocalFileServiceImpl.uploadPictureByUrl of the file mogupicture/src/main/java/com/moxi/mogublog/picture/service/impl/LocalFileServiceImpl.java of the component Picture...

7.5CVSS6.5AI score0.00054EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologiesadded 2026/04/20 12:0 a.m.1 views

PT-2026-33748

A security vulnerability has been detected in moxi624 Mogu Blog v2 up to 5.2. Affected by this vulnerability is the function LocalFileServiceImpl.uploadPictureByUrl of the file mogu picture/src/main/java/com/moxi/mogublog/picture/service/impl/LocalFileServiceImpl.java of the component Picture...

7.5CVSS6.5AI score0.00054EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/02/19 1:28 a.m.13 views

CVE-2025-70151

code-projects Scholars Tracking System 1.0 allows an authenticated attacker to achieve remote code execution via unrestricted file upload. The endpoints updateprofilepicture.php and uploadpicture.php store uploaded files in a web-accessible uploads/ directory using the original, user-supplied...

8.8CVSS6.8AI score0.00337EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2026/02/18 12:0 a.m.4 views

CVE-2025-70151

code-projects Scholars Tracking System 1.0 allows an authenticated attacker to achieve remote code execution via unrestricted file upload. The endpoints updateprofilepicture.php and uploadpicture.php store uploaded files in a web-accessible uploads/ directory using the original, user-supplied...

8.8CVSS6.8AI score0.00337EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/02/18 12:0 a.m.4 views

CVE-2025-70151

code-projects Scholars Tracking System 1.0 allows an authenticated attacker to achieve remote code execution via unrestricted file upload. The endpoints updateprofilepicture.php and uploadpicture.php store uploaded files in a web-accessible uploads/ directory using the original, user-supplied...

6.8AI score0.00337EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2025/12/02 8:23 a.m.3 views

CVE-2025-13814

A security flaw has been discovered in moxi159753 Mogu Blog v2 up to 5.2. Impacted is the function LocalFileServiceImpl.uploadPictureByUrl of the file /file/uploadPicsByUrl. The manipulation results in server-side request forgery. The attack can be launched remotely. The exploit has been released...

9.8CVSS7.3AI score0.00058EPSS
Exploits1References1
NVD
NVDadded 2025/12/01 8:15 a.m.3 views

CVE-2025-13814

A security flaw has been discovered in moxi159753 Mogu Blog v2 up to 5.2. Impacted is the function LocalFileServiceImpl.uploadPictureByUrl of the file /file/uploadPicsByUrl. The manipulation results in server-side request forgery. The attack can be launched remotely. The exploit has been released...

9.8CVSS0.00058EPSS
Exploits1References5
OSV
OSVadded 2025/12/01 8:15 a.m.3 views

CVE-2025-13814

A security flaw has been discovered in moxi159753 Mogu Blog v2 up to 5.2. Impacted is the function LocalFileServiceImpl.uploadPictureByUrl of the file /file/uploadPicsByUrl. The manipulation results in server-side request forgery. The attack can be launched remotely. The exploit has been released...

9.8CVSS6.6AI score
Exploits0References5
Cvelist
Cvelistadded 2025/12/01 7:32 a.m.11 views

CVE-2025-13814 moxi159753 Mogu Blog v2 uploadPicsByUrl LocalFileServiceImpl.uploadPictureByUrl server-side request forgery

A security flaw has been discovered in moxi159753 Mogu Blog v2 up to 5.2. Impacted is the function LocalFileServiceImpl.uploadPictureByUrl of the file /file/uploadPicsByUrl. The manipulation results in server-side request forgery. The attack can be launched remotely. The exploit has been released...

7.5CVSS0.00058EPSS
Exploits1References5
EUVD
EUVDadded 2025/12/01 7:32 a.m.5 views

EUVD-2025-199972

A security flaw has been discovered in moxi159753 Mogu Blog v2 up to 5.2. Impacted is the function LocalFileServiceImpl.uploadPictureByUrl of the file /file/uploadPicsByUrl. The manipulation results in server-side request forgery. The attack can be launched remotely. The exploit has been released...

7.5CVSS6.2AI score0.00058EPSS
Exploits1References6
CVE
CVEadded 2025/12/01 7:32 a.m.10 views

CVE-2025-13814

The CVE affects moxi159753 Mogu Blog v2 up to 5.2. The vulnerability is in LocalFileServiceImpl.uploadPictureByUrl (file /file/uploadPicsByUrl) and enables server-side request forgery. Exploitation can be performed remotely and, per sources, a public PoC exists; vendor did not respond to disclosu...

9.8CVSS7.2AI score0.00058EPSS
Exploits1References5Affected Software1
CNNVD
CNNVDadded 2025/12/01 12:0 a.m.3 views

Mogu blog 代码问题漏洞

Mogu blog is a micro-architecture based front-end and back-end shared blog system by individual developers in Streamlet, China. A code issue vulnerability exists in Mogu blog v2 5.2 and earlier versions, which originates from a flaw in the function LocalFileServiceImpl.uploadPictureByUrl in the...

9.8CVSS7.4AI score0.00058EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2018-5799

Malware in sbrugna...

6.1CVSS6.3AI score0.0024EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2018-8832

Malware in sbrugna...

6.1CVSS6.3AI score0.0028EPSS
Exploits1References2
NVD
NVDadded 2022/07/15 12:15 p.m.16 views

CVE-2021-36461

An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini...

8.8CVSS0.00354EPSS
Exploits1References1
OSV
OSVadded 2022/07/15 12:15 p.m.1 views

CVE-2021-36461

An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini...

8.8CVSS7.3AI score0.00354EPSS
Exploits1References1
Cvelist
Cvelistadded 2022/07/15 11:34 a.m.16 views

CVE-2021-36461

An Arbitrary File Upload vulnerability exists in Microweber 1.1.3 that allows attackers to getshell via the Settings Upload Picture section by uploading pictures with malicious code, user.ini...

8.8AI score0.00354EPSS
Exploits1References1
Rows per page
Query Builder