Lucene search
K

1265 matches found

Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.7 views

PT-2026-31090

Name of the Vulnerable Software and Affected Versions The AM LottiePlayer plugin for WordPress versions up to and including 3.6.0 Description The AM LottiePlayer plugin for WordPress is susceptible to Stored Cross-Site Scripting through uploaded SVG files. Insufficient input sanitization and outp...

5.4CVSS5.9AI score0.00173EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/07 6:31 p.m.3 views

EUVD-2024-55537

Koha Library before 23.05.10 fails to sanitize user-controllable filenames prior to unzipping, leading to remote code execution. The line "qx/unzip $filename -d $dirname/;" in upload-cover-image.pl is vulnerable to command injection via shell metacharacters because input data can be controlled by...

6.1AI score0.01803EPSS
Exploits0References5
CVE
CVE
added 2026/04/07 12:0 a.m.8 views

CVE-2024-36057

CVE-2024-36057 affects Koha Library prior to 23.05.10. The vulnerability stems from insufficient sanitization of user-controlled filenames before unzipping, allowing command injection via the shell in the unzip invocation within upload-cover-image.pl (example: the code executes qx/unzip $filename...

9.8CVSS6.1AI score0.01803EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/06 6:33 p.m.4 views

EUVD-2026-19398

A vulnerability was found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This issue affects the function moveuploadedfile of the file /AssignmentSection/submission/upload.php. Performing a manipulation of the argument File results in unrestricted upload. Th...

6.5CVSS6.3AI score0.00206EPSS
Exploits0References6
NVD
NVD
added 2026/04/06 5:17 p.m.3 views

CVE-2026-5670

A vulnerability was found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This issue affects the function moveuploadedfile of the file /AssignmentSection/submission/upload.php. Performing a manipulation of the argument File results in unrestricted upload. Th...

6.5CVSS0.00206EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/06 4:45 p.m.22 views

CVE-2026-5670 Cyber-III Student-Management-System upload.php move_uploaded_file unrestricted upload

A vulnerability was found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This issue affects the function moveuploadedfile of the file /AssignmentSection/submission/upload.php. Performing a manipulation of the argument File results in unrestricted upload. Th...

6.5CVSS0.00206EPSS
Exploits0References5
CVE
CVE
added 2026/04/04 1:50 p.m.11 views

CVE-2016-20052

CVE-2016-20052 affects Snews CMS 1.7 and describes an unrestricted file upload vulnerability exploitable by unauthenticated attackers. The issue allows uploading arbitrary files—including PHP executables—to the snews_files directory via the multipart form-data upload endpoint. Attackers can then ...

9.8CVSS6.4AI score0.00951EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/04/03 3:30 p.m.5 views

GHSA-VPH7-R229-QXPF Focalboard doesn't validate file ownership when serving uploaded files

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to validate file ownership when serving uploaded files. This allows an authenticated attacker who knows a victim's fileID to read the content of the file. NOTE: Focalboard as a standalone product is not maintained and no fix will be issued...

4.3CVSS5.9AI score0.00221EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/03 3:30 p.m.6 views

EUVD-2026-18653

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to validate file ownership when serving uploaded files. This allows an authenticated attacker who knows a victim's fileID to read the content of the file. NOTE: Focalboard as a standalone product is not maintained and no fix will be issued...

4.3CVSS5.9AI score0.00221EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/03 3:30 p.m.11 views

Focalboard doesn't validate file ownership when serving uploaded files

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to validate file ownership when serving uploaded files. This allows an authenticated attacker who knows a victim's fileID to read the content of the file. NOTE: Focalboard as a standalone product is not maintained and no fix will be issued...

4.3CVSS5.9AI score0.00221EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/03 1:25 p.m.7 views

CVE-2026-28736

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to validate file ownership when serving uploaded files. This allows an authenticated attacker who knows a victim's fileID to read the content of the file. NOTE: Focalboard as a standalone product is not maintained and no fix will be issued...

4.3CVSS5.9AI score0.00221EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/03 4:8 a.m.3 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal in the POST multipart upload process. An attacker can write arbitrary files to any existing directory on the filesystem by crafting a specially constructed URL path containing directory traversal sequences and...

9.8CVSS6.3AI score0.00683EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/02 3:31 p.m.9 views

EUVD-2026-18229

SzafirHost downloads necessary files in the context of the initiating web page. When called, SzafirHost updates its dynamic library. JAR files are correctly verified based on a list of trusted file hashes, and if a file was not on that list, it was checked to see if it had been digitally signed b...

8.7CVSS5.9AI score0.00266EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/02 2:1 p.m.2 views

CVE-2026-26928

SzafirHost downloads necessary files in the context of the initiating web page. When called, SzafirHost updates its dynamic library. JAR files are correctly verified based on a list of trusted file hashes, and if a file was not on that list, it was checked to see if it had been digitally signed b...

8.7CVSS5.9AI score0.00266EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/02 2:1 p.m.23 views

CVE-2026-26928 Lack of Dynamic Library Validation in SzafirHost

SzafirHost downloads necessary files in the context of the initiating web page. When called, SzafirHost updates its dynamic library. JAR files are correctly verified based on a list of trusted file hashes, and if a file was not on that list, it was checked to see if it had been digitally signed b...

8.7CVSS0.00213EPSS
Exploits0References2
CVE
CVE
added 2026/04/02 2:1 p.m.25 views

CVE-2026-26928

CVE-2026-26928 affects SzafirHost. The vulnerability arises because the application does not verify the hash or the vendor’s digital signature for uploaded DLL/SO/JNILIB/DYLIB files, while JARs are checked. An attacker can supply a malicious dynamic library that is saved in the user’s temp folder...

8.7CVSS5.8AI score0.00213EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/01 10:26 p.m.2 views

Directory Traversal

Overview @payloadcms/storage-r2 is a Payload storage adapter for Cloudflare R2 Affected versions of this package are vulnerable to Directory Traversal via insufficient sanitization of filenames in the client-upload signed-URL endpoints for S3, GCS, Azure, and R2. An attacker can escape the intend...

7.1CVSS6.5AI score0.00341EPSS
Exploits0References2
NVD
NVD
added 2026/03/31 9:16 p.m.8 views

CVE-2026-34381

Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, Admidio relies on admmyfiles/.htaccess to deny direct HTTP access to uploaded documents. The Docker image ships with AllowOverride None in the Apache configuration, which causes Apache to silently igno...

7.5CVSS0.00575EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.12 views

PT-2026-29348

Name of the Vulnerable Software and Affected Versions Admidio versions 5.0.0 through 5.0.7 Description Admidio relies on .htaccess files to restrict direct HTTP access to uploaded documents. The Docker image is configured with AllowOverride None in the Apache configuration, causing these .htacces...

7.5CVSS5.8AI score0.00575EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.5 views

CVE-2026-32097

PingPong is a platform for using large language models LLMs for teaching and learning. Prior to 7.27.2, an authenticated user may be able to retrieve or delete files outside the intended authorization scope. This issue could result in retrieval or deletion of private files, including user-uploade...

8.8CVSS5.8AI score0.00288EPSS
Exploits0References1
Rows per page
Query Builder