Lucene search
K

7 matches found

CVE
CVE
added yesterday10 views

CVE-2026-12116

CVE-2026-12116 affects Xerte Online Toolkits. The vulnerability allows remote code execution by editing the antivirus binary path in the tools server configuration to point to a PHP interpreter, causing any uploaded PHP data to execute. Affected product: Xerte Online Toolkits (open‑source e‑learn...

9.8CVSS5.9AI score
Exploits0References3
CNNVD
CNNVD
added 2025/09/03 12:0 a.m.3 views

Fuji Electric FRENIC-Loader 4 代码问题漏洞

Fuji Electric FRENIC-Loader 4 is a computer software designed for Fuji Electric inverters such as the FRENIC series, mainly for parameter setting, monitoring and debugging. A deserialization vulnerability exists in Fuji Electric FRENIC-Loader 4, which can be exploited by an attacker to execute...

8.4CVSS7.7AI score0.00186EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2024/12/17 10:21 p.m.19 views

CVE-2024-54677

A flaw was found in the "examples" web application of Apache Tomcat. Numerous examples within that application did not place limits on uploaded data. This vulnerability can potentially trigger an out-of-memory OOM error, leading to a denial of service...

3.7CVSS6.4AI score0.01914EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/11/25 12:0 a.m.6 views

Badaso 代码问题漏洞

Badaso is an open source Laravel Vue headless CMS. A remote command execution vulnerability exists in uatech Badaso version 2.6.3, which stems from a failure to properly validate user uploaded data and can be exploited by an unauthenticated, remote attacker to remotely execute arbitrary code on t...

9.8CVSS8AI score0.01813EPSS
Exploits1References3
CNVD
CNVD
added 2021/05/14 12:0 a.m.7 views

ILIAS Information Disclosure Vulnerability

ILIAS is a powerful open source learning management system for developing and implementing web-based e-learning. An information disclosure vulnerability exists in ILIAS versions prior to 5.3.19, 5.4.12, and 6.0. An attacker can exploit this vulnerability to gain access to uploaded data paths via ...

6.5CVSS6.4AI score0.01546EPSS
Exploits0References1
OSV
OSV
added 2020/05/25 3:15 p.m.4 views

CVE-2020-13442

A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. An attacker can upload a PHP file via dext5handler.jsp handler because the uploaded file is stored under dext5uploadeddata/...

9.8CVSS7.7AI score0.02647EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2018/08/10 6:29 p.m.6 views

CVE-2018-10626

Medtronic MyCareLink Patient Monitor’s update service does not sufficiently verify the authenticity of the data uploaded. An attacker who obtains per-product credentials from the monitor and paired implantable cardiac device information can potentially upload invalid data to the Medtronic CareLin...

4.4CVSS6.1AI score0.00361EPSS
Exploits0References5
Rows per page
Query Builder