Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Cvelist
Cvelistadded 2026/01/08 1:50 a.m.26 views

CVE-2019-25295 WP Cost Estimation < 9.660 - Upload Directory Traversal

The WP Cost Estimation plugin for WordPress is vulnerable to Upload Directory Traversal in versions before 9.660 via the uploadFormFiles function. This allows attackers to overwrite any file with a whitelisted type on an affected site...

6.5CVSS0.00345EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/01/08 12:0 a.m.2 views

WordPress plugin WP Cost Estimation 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A path traversal...

6.5CVSS6.9AI score0.00345EPSS
Exploits0References3
CVE
CVEadded 2025/12/24 7:43 p.m.12 views

CVE-2025-68916

Riello UPS NetMan 208 Application before 1.12 is affected by a directory traversal flaw in cgi-bin/certsupload.cgi that allows uploading files via the ../ sequence, enabling code execution. Concrete details across multiple sources confirm the vulnerable component and the root cause (certsupload.c...

9.1CVSS7.3AI score0.00662EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2025/12/11 9:39 p.m.8 views

CVE-2024-58298

CVE-2024-58298 – Compuware iStrobe Web 20.13 is confirmed to have a pre-authentication remote code execution vulnerability due to a path-traversal in the file upload form. The issue allows unauthenticated attackers to upload JSP files via the fileName parameter, effectively uploading a web shell ...

9.2CVSS8.6AI score0.01811EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2022/06/24 3:15 p.m.0 views

CVE-2022-30117

Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 allow traversal in /index.php/ccm/system/file/upload which could result in an Arbitrary File Delete exploit. This was remediated by sanitizing /index.php/ccm/system/file/upload to ensure Concrete doesn’t allow traversal and by changin...

9.1CVSS7.3AI score0.00232EPSS
Exploits0References4
OSV
OSVadded 2021/07/25 10:15 p.m.2 views

CVE-2021-37444

NCH IVM Attendant v5.12 and earlier suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. This can lead to code execution if a ZIP element's pathname is set to a Windows startup folder, a file for the inbuilt Out-Going Message function, or a file for the the inbuilt...

8.8CVSS7.7AI score
Exploits0References2
Saint
Saintadded 2011/05/27 12:0 a.m.38 views

Novell ZENworks Asset Management File Upload Traversal

Added: 05/27/2011 CVE: CVE-2010-4229 BID: 47295 OSVDB: 71872 Background Novell ZENworks is a resource management solution consisting of a management server and management agents. Problem The Asset Management module ZAM of ZENworks version 10.3 prior to 10.3.2 and version 11 fail to validate the...

10CVSS6.5AI score0.34185EPSS
Exploits5
Rows per page
Query Builder