Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

12 matches found

Positive Technologies
Positive Technologiesadded 2026/03/28 12:0 a.m.3 views

PT-2026-28717

Name of the Vulnerable Software and Affected Versions z-9527 admin versions prior to 72aaf2dd05cf4ec2e98f390668b41e128eec5ad2 Description A security issue has been identified in z-9527 admin. The issue resides within the uploadFile function located in the /server/utils/upload.js file, specificall...

6.5CVSS5.7AI score0.00346EPSS
Exploits0References8
CNNVD
CNNVDadded 2026/03/08 12:0 a.m.3 views

Bytedesk 代码问题漏洞

Bytedesk is a multi-channel intelligent customer service platform developed by the individual developers of bytedesk.com. Versions of Bytedesk 1.3.9 and earlier have code vulnerabilities. These vulnerabilities stem from operations related to the uploadFile function in the UploadRestController.jav...

8.8CVSS6.7AI score0.00482EPSS
Exploits1References9
RedhatCVE
RedhatCVEadded 2025/10/07 6:9 a.m.13 views

CVE-2025-11320

A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload. It is possible to...

6.5CVSS6.7AI score0.00298EPSS
Exploits0References1
NVD
NVDadded 2024/03/22 4:15 a.m.9 views

CVE-2024-29273

There is Stored Cross-Site Scripting XSS in dzzoffice 2.02.1 SC UTF8 in uploadfile to index.php, with the XSS payload in an SVG document...

6.1CVSS5AI score0.00366EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/03/22 12:0 a.m.15 views

CVE-2024-29273

There is Stored Cross-Site Scripting XSS in dzzoffice 2.02.1 SC UTF8 in uploadfile to index.php, with the XSS payload in an SVG document...

5.1AI score0.00366EPSS
Exploits1References1
BDU FSTEC
BDU FSTECadded 2023/10/03 12:0 a.m.4 views

Vulnerability of the /Tool/uploadfile.php script in D-Link DAR-8000 and DAR-7000 router microprogramming software, allowing attackers to execute arbitrary commands

The vulnerability of the /Tool/uploadfile.php script in D-Link’s DAR-8000 and DAR-7000 router microprogramming systems relates to the ability to download files of a malicious nature without limitation. Exploiting this vulnerability could allow an attacker to execute arbitrary commands remotely...

6.5CVSS7.1AI score0.3066EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTECadded 2023/05/26 12:0 a.m.5 views

The vulnerability of the uploadFile function in the D-View 8 network device management platform allows a hacker to create arbitrary files.

The vulnerability of the uploadFile function in the D-View 8 network device management platform is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to create arbitrary files remotely...

9CVSS7.6AI score0.74302EPSS
Exploits0References5Affected Software1
CNNVD
CNNVDadded 2023/04/04 12:0 a.m.3 views

KiteCMS 代码问题漏洞

KiteCMS is a website CMS. A security vulnerability exists in KiteCMS v.1.1. An attacker can exploit this vulnerability to execute arbitrary code via the uploadFile function...

7.2CVSS7.6AI score0.01256EPSS
Exploits1References2
Cvelist
Cvelistadded 2022/12/07 12:0 a.m.32 views

CVE-2022-44942

Casdoor before v1.126.1 was discovered to contain an arbitrary file deletion vulnerability via the uploadFile function...

8.4AI score0.00859EPSS
Exploits1References1
OSV
OSVadded 2021/09/30 6:15 p.m.4 views

CVE-2021-35199

NETSCOUT nGeniusONE 6.3.0 build 1196 and earlier allows Stored Cross-Site Scripting XSS in UploadFile...

5.4CVSS5.8AI score0.00451EPSS
Exploits0References1
CNVD
CNVDadded 2019/05/24 12:0 a.m.4 views

Westermo DR-260, DR-250 and MR-260 Code Issue Vulnerabilities

Westermo DR-260 and others are products of the Swedish company Westermo.Westermo DR-260 is a DSL router.Westermo DR-250 is a DSL router.Westermo MR-260 is a 3G multimedia router.Westermo MR-260 is a 3G multimedia router.Westermo MR-260 is a 3G multimedia router.Westermo MR-260 is a 3G multimedia...

8.8CVSS7.5AI score0.01964EPSS
Exploits0References1
Openbugbounty
Openbugbountyadded 2017/07/01 3:39 p.m.13 views

national.insurerbuild.co.nz XSS vulnerability

Vulnerable URL: http://national.insurerbuild.co.nz/upload/uploadfile.asp?attachtype=1"...

6.9AI score
Exploits0
Rows per page
Query Builder