Lucene search
+L

4 matches found

NVD
NVD
added 2026/07/09 2:16 p.m.8 views

CVE-2026-12116

A vulnerability in the Xerte Online Tools allows for RCE through the antivirus binary path in the tools server settings, which can be changed to a PHP interpreter, allowing an attacker to upload PHP data that will then be executed...

9.8CVSS0.0038EPSS
Exploits0References3
OSV
OSV
added 2025/07/12 10:15 a.m.4 views

CVE-2020-36847

The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function which can be used to rename uploaded PHP code with a png extension to use a php extension. This allows unauthenticated attackers to execute code on the...

9.8CVSS6AI score0.12633EPSS
Exploits5References5
Positive Technologies
Positive Technologies
added 2021/11/10 12:0 a.m.5 views

PT-2021-16898 · Publify · Publify

Name of the Vulnerable Software and Affected Versions: Publify versions v8.0 through v9.2.4 Description: The issue allows a user with a publisher role to inject and execute arbitrary JavaScript code, enabling stored XSS attacks. This can occur while creating a page or article, potentially through...

5.4CVSS5.8AI score0.00578EPSS
Exploits0References12
CNNVD
CNNVD
added 2021/09/27 12:0 a.m.5 views

PortlandLabs Concrete Cms 路径遍历漏洞

PortlandLabs Concrete Cms is a team-oriented open source content management system from PortlandLabs, Inc. PortlandLabs Concrete CMS 8.5.5 and earlier is vulnerable to path traversal, which can be exploited by attackers to cause remote code execution via uploaded PHP code...

8.8CVSS8.7AI score0.02425EPSS
Exploits0References2
Rows per page
Query Builder