Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2026/03/11 9:31 p.m.2 views

EUVD-2019-19760

ARMBot contains an unrestricted file upload vulnerability in upload.php that allows unauthenticated attackers to upload arbitrary files by manipulating the file parameter with path traversal sequences. Attackers can upload PHP files with traversal payloads ../publichtml/ to write executable code ...

8.7CVSS6.1AI score0.00154EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/02/19 12:0 a.m.4 views

FLIR Systems AX8 Cameras Improper Access Control (CVE-2025-6266)

A vulnerability was detected in Teledyne FLIR AX8 up to 1.46. Affected by this vulnerability is an unknown functionality of the file /upload.php. Performing manipulation of the argument File results in unrestricted upload. It is possible to initiate the attack remotely. The exploit is now public...

9.8CVSS5.8AI score0.00349EPSS
Exploits1References5
NVD
NVDadded 2026/01/13 4:16 p.m.1 views

CVE-2025-69992

phpgurukul News Portal Project V4.1 has File Upload Vulnerability via upload.php, which enables the upload of files of any format to the server without identity authentication...

9.8CVSS0.00101EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2009-1090

Malware in sbrugna...

5CVSS6.4AI score0.00193EPSS
Exploits0References6
CNNVD
CNNVDadded 2024/09/27 12:0 a.m.1 views

YPay 安全漏洞

YPay is an aggregated signature-free payment system for individual webmasters by kacins personal developer. A security vulnerability exists in YPay version 1.2.0, which stems from an arbitrary file upload vulnerability that allows an attacker to execute arbitrary code via a ZIP archive in...

8.8CVSS7.8AI score0.00279EPSS
Exploits0References2
CNVD
CNVDadded 2021/04/15 12:0 a.m.6 views

Group Office CRM Server-Side Request Forgery Vulnerability

Group Office CRM is an enterprise CRM and component tool with email client, shared projects, calendar, documents and more. A server-side request forgery vulnerability exists in Group Office CRM version 6.4.196, which can be exploited by a remote attacker to forge a GET request to any URL via the...

5.3CVSS6.9AI score0.00375EPSS
Exploits1References1
NVD
NVDadded 2020/03/07 12:15 a.m.11 views

CVE-2020-10212

upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an internal IP address. For example, an SSRF attempt may succeed if a .ico filename is added to the...

9.8CVSS9.5AI score0.00982EPSS
Exploits5References1
CNVD
CNVDadded 2017/06/21 12:0 a.m.1 views

Arbitrary file upload vulnerability in EduWork uplaod.php page

EduWork is an almost open source training institution management system, focusing on solving the daily affairs of training institutions and the entire management. An arbitrary file upload vulnerability exists in the EduWork uplaod.php page. Attackers can use this vulnerability to obtain...

7.2AI score
Exploits0
CNVD
CNVDadded 2017/06/21 12:0 a.m.1 views

File Upload Vulnerability in FinecmsV5.0.8

FineCMS is a content management system based on PHP+MySql. A file upload vulnerability exists in FinecmsV5.0.8. The vulnerability exists in the file finecms\dayrui\libraries\Upload.php. An attacker can exploit the vulnerability to upload arbitrary files...

7.1AI score
Exploits0
Rows per page
Query Builder