171 matches found

NVD
added 2025/01/05 12:15 p.m. · 9 views

CVE-2024-13140

A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Affected is an unknown function of the file /admin/article.php?action=upload_cover of the component Cover Upload Handler. The manipulation of the argument image leads to cross site scripting. It is possible to launc...

5.4 CVSS · 0.00135 EPSS
Exploits 1 · References 5

OSV
added 2025/01/05 12:15 p.m. · 5 views

CVE-2024-13140

A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Affected is an unknown function of the file /admin/article.php?action=upload_cover of the component Cover Upload Handler. The manipulation of the argument image leads to cross site scripting. It is possible to launc...

5.4 CVSS · 6.2 AI score
Exploits 0 · References 5

CVE
added 2025/01/05 11:31 a.m. · 45 views

CVE-2024-13140

CVE-2024-13140 affects Emlog Pro up to 2.4.3. A cross-site scripting vulnerability exists in the Cover Upload Handler, triggered by manipulating the image parameter in /admin/article.php?action=upload_cover. The flaw is exploitable remotely; public exploit appears in sources. Connected data confi...

5.4 CVSS · 3.8 AI score · 0.00135 EPSS
Exploits 1 · References 5 · Affected Software 1

Positive Technologies
added 2025/01/05 12:0 a.m. · 2 views

PT-2025-2026 · Emlog Pro · Emlog Pro

Name of the Vulnerable Software and Affected Versions: Emlog Pro versions up to 2.4.3 Description: A problematic issue has been found in the Cover Upload Handler component, affecting an unknown function of the file /admin/article.php?action=upload_cover. The manipulation of the image argument lea...

5.4 CVSS · 4.2 AI score · 0.00135 EPSS
Exploits 1 · References 13

Positive Technologies
added 2024/12/09 12:0 a.m. · 1 views

PT-2024-17557 · Guizhou Xiaoma Technology · Jpress

Name of the Vulnerable Software and Affected Versions: Guizhou Xiaoma Technology jpress version 5.1.2 Description: A problem was found in the Attachment Upload Handler's function AttachmentUtils.isUnSafe of the file /commons/attachment/upload. The manipulation of the argument files leads to cross...

6.1 CVSS · 3.5 AI score · 0.00174 EPSS
Exploits 1 · References 11

AlpineLinux
added 2024/09/01 10:15 p.m. · 23 views

CVE-2024-8370

A vulnerability classified as problematic was found in Grocy up to 4.2.0. This vulnerability affects unknown code of the file /api/files/recipepictures/ of the component SVG File Upload Handler. The manipulation of the argument force_serve_as with the input picture' leads to cross site scripting. T...

5.4 CVSS · 7 AI score · 0.00199 EPSS
Exploits 1 · References 3

NVD
added 2024/09/01 10:15 p.m. · 22 views

CVE-2024-8370

A vulnerability classified as problematic was found in Grocy up to 4.2.0. This vulnerability affects unknown code of the file /api/files/recipepictures/ of the component SVG File Upload Handler. The manipulation of the argument force_serve_as with the input picture' leads to cross site scripting. T...

5.4 CVSS · 0.00199 EPSS
Exploits 1 · References 3

CVE
added 2024/09/01 10:0 p.m. · 74 views

CVE-2024-8370

CVE-2024-8370 affects Grocy up to 4.2.0, targeting the SVG File Upload Handler. The vulnerability exists in an unknown code path under /api/files/recipepictures/ where manipulating the argument force_serve_as with a crafted image leads to stored cross-site scripting. Exploitation is remotely possibl...

5.4 CVSS · 4 AI score · 0.00199 EPSS
Exploits 1 · References 3 · Affected Software 1

Cvelist
added 2024/09/01 10:0 p.m. · 25 views

CVE-2024-8370 Grocy SVG File Upload recipepictures cross site scripting

A vulnerability classified as problematic was found in Grocy up to 4.2.0. This vulnerability affects unknown code of the file /api/files/recipepictures/ of the component SVG File Upload Handler. The manipulation of the argument force_serve_as with the input picture' leads to cross site scripting. T...

5.3 CVSS · 0.00199 EPSS
Exploits 1 · References 3

Positive Technologies
added 2024/05/14 12:0 a.m. · 1 views

PT-2024-3688 · Siemens · Ruggedcom Crossbow

Name of the Vulnerable Software and Affected Versions: RUGGEDCOM CROSSBOW versions prior to V5.5 Description: The issue is related to incorrect external control of file names or paths in the Firmware Upload Handler component of the RUGGEDCOM CROSSBOW system. This could allow a remote attacker to...

8.3 CVSS · 8.3 AI score · 0.02408 EPSS
Exploits 0 · References 7

Positive Technologies
added 2024/05/14 12:0 a.m. · 1 views

PT-2024-3687 · Siemens · Ruggedcom Crossbow

Name of the Vulnerable Software and Affected Versions: RUGGEDCOM CROSSBOW versions prior to V5.5 Description: The issue is related to incorrect external control of a file name or path in the Firmware Upload Handler component of the RUGGEDCOM CROSSBOW system. This could allow a remote attacker to...

8.3 CVSS · 8.2 AI score · 0.02408 EPSS
Exploits 0 · References 6

Positive Technologies
added 2024/03/17 12:0 a.m. · 2 views

PT-2024-21065 · Unknown · Pandaxgo Pandax

Name of the Vulnerable Software and Affected Versions: PandaXGO PandaX up to 20240310 Description: A critical issue has been found in the File Extension Handler component, specifically in the /apps/system/router/upload.go file. The manipulation of the file argument leads to unrestricted upload...

9.8 CVSS · 6.6 AI score · 0.00072 EPSS
Exploits 0 · References 7

NVD
added 2024/01/09 10:15 p.m. · 9 views

CVE-2024-0348

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been classified as problematic. Affected is an unknown function of the component File Upload Handler. The manipulation leads to resource consumption. It is possible to launch the attack remotely. The exploit has been...

6.5 CVSS · 5.1 AI score · 0.00052 EPSS
Exploits 1 · References 3

Prion
added 2024/01/09 10:15 p.m. · 9 views

Design/Logic Flaw

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been classified as problematic. Affected is an unknown function of the component File Upload Handler. The manipulation leads to resource consumption. It is possible to launch the attack remotely. The exploit has been...

4 CVSS · 7.2 AI score · 0.00052 EPSS
Exploits 1 · References 3 · Affected Software 1

CVE
added 2024/01/09 10:0 p.m. · 36 views

CVE-2024-0348

The CVE-2024-0348 entry concerns SourceCodester Engineers Online Portal 1.0. The vulnerability affects the File Upload Handler component (an unknown function) and leads to resource consumption. The issue is exploitable remotely over the network, with the exploit publicly disclosed (VDB-250116). S...

6.5 CVSS · 6.5 AI score · 0.00052 EPSS
Exploits 1 · References 3 · Affected Software 1

CNNVD
added 2024/01/09 12:0 a.m. · 2 views

Engineers Online Portal Resource Management Error Vulnerability

Engineers Online Portal is an open source online portal. It is developed using PHP, MySQL database, HTML, CSS, Javascript, jQuery, Ajax, Bootstrap and some other libraries. A resource management error vulnerability exists in SourceCodester Engineers Online Portal version 1.0, which stems from th...

6.5 CVSS · 6.9 AI score · 0.00052 EPSS
Exploits 1 · References 4

NVD
added 2023/12/17 1:15 a.m. · 7 views

CVE-2023-6887

A vulnerability classified as critical has been found in saysky ForestBlog up to 20220630. This affects an unknown part of the file /admin/upload/img of the component Image Upload Handler. The manipulation of the argument filename leads to unrestricted upload. It is possible to initiate the attac...

9.8 CVSS · 0.00077 EPSS
Exploits 1 · References 3

Prion
added 2023/12/17 1:15 a.m. · 7 views

Design/Logic Flaw

A vulnerability classified as critical has been found in saysky ForestBlog up to 20220630. This affects an unknown part of the file /admin/upload/img of the component Image Upload Handler. The manipulation of the argument filename leads to unrestricted upload. It is possible to initiate the attac...

6.5 CVSS · 7.2 AI score · 0.00077 EPSS
Exploits 1 · References 3 · Affected Software 1

CVE
added 2023/12/17 12:31 a.m. · 64 views

CVE-2023-6887

CVE-2023-6887 affects saysky ForestBlog

9.8 CVSS · 8.1 AI score · 0.00077 EPSS
Exploits 1 · References 3 · Affected Software 1

Vulnrichment
added 2023/12/17 12:31 a.m. · 9 views

CVE-2023-6887 saysky ForestBlog Image Upload img unrestricted upload

A vulnerability classified as critical has been found in saysky ForestBlog up to 20220630. This affects an unknown part of the file /admin/upload/img of the component Image Upload Handler. The manipulation of the argument filename leads to unrestricted upload. It is possible to initiate the attac...

6.5 CVSS · 6.9 AI score · 0.00077 EPSS
Exploits 1 · References 3