8 matches found

NVD
added 2025/12/11 4:16 p.m. | 2 views

CVE-2025-14522

A vulnerability was detected in baowzh hfly up to 638ff9abe9078bc977c132b37acbe1900b63491c. The impacted element is an unknown function of the file /Public/Kindeditor/php/upload_json.php. Performing manipulation of the argument imgFile results in unrestricted upload. It is possible to initiate the...

CVSS: 9.8 | EPSS: 0.00048
Exploits: 0 | References: 4
CVE
added 2025/12/11 4:2 p.m. | 17 views

CVE-2025-14522

CVE-2025-14522 affects baowzh hfly with an unrestricted file upload via the imgFile parameter in /Public/Kindeditor/php/upload_json.php. The root cause is manipulation of imgFile, enabling remote exploitation; exploitation status and affected versions are not clearly defined in the provided detai...

CVSS: 9.8 | AI score: 6.4 | EPSS: 0.00048
Exploits: 0 | References: 4 | Affected Software: 1
Vulnrichment
added 2025/12/11 4:2 p.m. | 3 views

CVE-2025-14522 baowzh hfly upload_json.php unrestricted upload

A vulnerability was detected in baowzh hfly up to 638ff9abe9078bc977c132b37acbe1900b63491c. The impacted element is an unknown function of the file /Public/Kindeditor/php/upload_json.php. Performing manipulation of the argument imgFile results in unrestricted upload. It is possible to initiate the...

CVSS: 6.5 | AI score: 6.4 | EPSS: 0.00048
Exploits: 0 | References: 4
CNVD
added 2021/10/15 12:0 a.m. | 22 views

KindEditor XSS Vulnerability

KindEditor is a lightweight, open source (LGPL), cross-browser, web-based WYSIWYG HTML editor. KindEditor is capable of converting standard text areas to rich text editors. An XSS vulnerability exists in KindEditor prior to version 4.1.x. The vulnerability is related to the affected version not...

CVSS: 6.1 | AI score: 1.4 | EPSS: 0.00345
Exploits: 1 | References: 1
CNNVD
added 2021/10/14 12:0 a.m. | 1 views

Kindeditor Cross-Site Scripting Vulnerability

KindEditor is a lightweight, open source (LGPL), cross-browser, web-based WYSIWYG HTML editor. KindEditor is capable of converting standard text areas to rich text editors. An XSS vulnerability exists in KindEditor prior to version 4.1.x. The vulnerability is related to the affected version not...

CVSS: 6.1 | AI score: 5.5 | EPSS: 0.00345
Exploits: 1 | References: 2
OSV
added 2018/11/05 9:29 a.m. | 10 views

CVE-2018-18950

KindEditor through 4.1.11 has a path traversal vulnerability in php/upload_json.php. Anyone can browse a file or directory in the kindeditor/attached/ folder via the path parameter without authentication...

CVSS: 7.5 | AI score: 6.9
Exploits: 0 | References: 1
Cvelist
added 2017/09/14 1:0 p.m. | 16 views

CVE-2017-1002024

Vulnerability in web application Kind Editor v4.1.12: kindeditor/php/upload_json.php does not check authentication before allowing users to upload files...

AI score: 4.8 | EPSS: 0.00297
Exploits: 1 | References: 3
CVE
added 2017/09/14 1:0 p.m. | 57 views

CVE-2017-1002024

Vulnerability details for CVE-2017-1002024 show a flaw in Kind Editor v4.1.12 where kindeditor/php/upload_json.php does not authenticate users before allowing file uploads. This enables unauthenticated users to upload files via the endpoint, per the public CVE description. The NVD entry lists a M...

CVSS: 4.3 | AI score: 4.7 | EPSS: 0.00297
Exploits: 1 | References: 3 | Affected Software: 2