Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

Positive Technologies
Positive Technologiesadded 2026/03/28 12:0 a.m.1 views

PT-2026-28717

Name of the Vulnerable Software and Affected Versions z-9527 admin versions prior to 72aaf2dd05cf4ec2e98f390668b41e128eec5ad2 Description A security issue has been identified in z-9527 admin. The issue resides within the uploadFile function located in the /server/utils/upload.js file, specificall...

6.5CVSS5.7AI score0.00092EPSS
Exploits0References8
CNNVD
CNNVDadded 2026/03/08 12:0 a.m.2 views

Bytedesk 代码问题漏洞

Bytedesk is a multi-channel intelligent customer service platform developed by the individual developers of bytedesk.com. Versions of Bytedesk 1.3.9 and earlier have code vulnerabilities. These vulnerabilities stem from operations related to the uploadFile function in the UploadRestController.jav...

8.8CVSS6.7AI score0.00137EPSS
Exploits1References9
RedhatCVE
RedhatCVEadded 2025/10/07 6:9 a.m.1 views

CVE-2025-11320

A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload. It is possible to...

6.5CVSS6.7AI score0.00048EPSS
Exploits0References1
NVD
NVDadded 2024/03/22 4:15 a.m.8 views

CVE-2024-29273

There is Stored Cross-Site Scripting XSS in dzzoffice 2.02.1 SC UTF8 in uploadfile to index.php, with the XSS payload in an SVG document...

6.1CVSS5AI score0.00106EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/03/22 12:0 a.m.11 views

CVE-2024-29273

There is Stored Cross-Site Scripting XSS in dzzoffice 2.02.1 SC UTF8 in uploadfile to index.php, with the XSS payload in an SVG document...

5.1AI score0.00106EPSS
Exploits1References1
CNNVD
CNNVDadded 2023/04/04 12:0 a.m.2 views

KiteCMS 代码问题漏洞

KiteCMS is a website CMS. A security vulnerability exists in KiteCMS v.1.1. An attacker can exploit this vulnerability to execute arbitrary code via the uploadFile function...

7.2CVSS7.6AI score0.01928EPSS
Exploits1References2
Cvelist
Cvelistadded 2022/12/07 12:0 a.m.14 views

CVE-2022-44942

Casdoor before v1.126.1 was discovered to contain an arbitrary file deletion vulnerability via the uploadFile function...

8.4AI score0.00218EPSS
Exploits1References1
OSV
OSVadded 2021/09/30 6:15 p.m.0 views

CVE-2021-35199

NETSCOUT nGeniusONE 6.3.0 build 1196 and earlier allows Stored Cross-Site Scripting XSS in UploadFile...

5.4CVSS5.8AI score0.00354EPSS
Exploits0References1
CNVD
CNVDadded 2019/05/24 12:0 a.m.1 views

Westermo DR-260, DR-250 and MR-260 Code Issue Vulnerabilities

Westermo DR-260 and others are products of the Swedish company Westermo.Westermo DR-260 is a DSL router.Westermo DR-250 is a DSL router.Westermo MR-260 is a 3G multimedia router.Westermo MR-260 is a 3G multimedia router.Westermo MR-260 is a 3G multimedia router.Westermo MR-260 is a 3G multimedia...

8.8CVSS7.5AI score0.0075EPSS
Exploits0References1
Openbugbounty
Openbugbountyadded 2017/07/01 3:39 p.m.12 views

national.insurerbuild.co.nz XSS vulnerability

Vulnerable URL: http://national.insurerbuild.co.nz/upload/uploadfile.asp?attachtype=1"...

6.9AI score
Exploits0
Rows per page
Query Builder