Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Cvelist
Cvelistadded 2026/05/24 10:30 a.m.10 views

CVE-2026-9374 yangzongzhuan RuoYi-Vue Common Upload Endpoint upload FileUploadUtils.upload unrestricted upload

A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.9.2. Impacted is the function FileUploadUtils.upload of the file /common/upload of the component Common Upload Endpoint. Performing a manipulation results in unrestricted upload. The attack is possible to be carried out remotely. The...

6.5CVSS0.00035EPSS
Exploits0References3
CVE
CVEadded 2026/05/24 10:30 a.m.19 views

CVE-2026-9374

The CVE applies to yangzongzhuan RuoYi-Vue (up to version 3.9.2). The vulnerable component is the Common Upload Endpoint, specifically the FileUploadUtils.upload function in /common/upload. The root cause is described as a manipulation that enables unrestricted file upload, allowing remote exploi...

6.5CVSS6.3AI score0.00035EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/01/09 12:35 p.m.3 views

CVE-2023-49257

An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate upload utility and execute it with the root user privileges...

8.8CVSS7.2AI score0.00056EPSS
Exploits0References1
NVD
NVDadded 2025/09/14 12:15 p.m.2 views

CVE-2025-10398

A security flaw has been discovered in fcbazzm ics-park Smart Park Management System 2.0. This vulnerability affects unknown code of the file FileUploadUtils.java. The manipulation of the argument File results in unrestricted upload. The attack can be launched remotely. The exploit has been...

8.8CVSS0.00098EPSS
Exploits1References4
CNNVD
CNNVDadded 2025/09/14 12:0 a.m.0 views

fcba_zzm ics-park 代码问题漏洞

fcbazzm ics-park is an intelligent park management system from fcbazzm. A code issue vulnerability exists in version 2.0 of fcbazzm ics-park, which stems from the incorrect manipulation of the parameter File in the file FileUploadUtils.java, and could lead to arbitrary file uploads...

8.8CVSS6.6AI score0.00098EPSS
Exploits1References5
Github Security Blog
Github Security Blogadded 2023/08/06 6:30 p.m.20 views

Cockpit PHP Remote File Inclusion vulnerability

PHP Remote File Inclusion in GitHub repository cockpit-hq/cockpit prior to 2.6.3. Users may upload php files through the system file upload utility to obtain remote code execution...

9.9CVSS8AI score0.01113EPSS
Exploits1References4Affected Software1
securityvulns
securityvulnsadded 2012/04/09 12:0 a.m.95 views

[waraxe-2012-SA#082] - File Existence Disclosure in Uploadify 3.0.0

waraxe-2012-SA082 - File Existence Disclosure in Uploadify 3.0.0 =============================================================================== Author: Janek Vind "waraxe" Date: 05. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-82.html Description of vulnerable software:...

0.3AI score
Exploits0
Packet Storm
Packet Stormadded 2012/04/06 12:0 a.m.28 views

Uploadify 2.1.4 Cross Site Scripting / Shell Upload

waraxe-2012-SA083 - Multiple Vulnerabilities in Uploadify 2.1.4 =============================================================================== Author: Janek Vind "waraxe" Date: 05. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-83.html Description of vulnerable software:...

Exploits0
Rows per page
Query Builder