
8 matches found

ATTACKERKB
added 2026/05/10 12:43 p.m. | 4 views

CVE-2021-47936

OpenCATS 0.9.4 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by uploading malicious PHP files disguised as resume attachments. Attackers can upload PHP payloads through the careers job application endpoint and execute system...

9.8 CVSS | 6.7 AI score | 0.00295 EPSS
Exploits: 0 | References: 4
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-6705

Malicious code in bioql PyPI...

8.8 CVSS | 4.7 AI score | 0.02983 EPSS
Exploits: 2 | References: 1
NVD
added 2022/02/09 2:15 p.m. | 9 views

CVE-2021-46360

Authenticated remote code execution (RCE) in Composr-CMS 10.0.39 and earlier allows remote attackers to execute arbitrary code via uploading a PHP shell through /adminzone/index.php?page=admin-commandr...

8.8 CVSS | 0.04222 EPSS
Exploits: 4 | References: 2
OSV
added 2019/07/24 2:15 p.m. | 13 views

CVE-2019-1010178

Fred MODX Revolution 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. The impact is: Remote Code Execution. The component is: assets/components/fred/web/elfinder/connector.php. The attack vector is: Uploading a PHP file or change data in the database. The fixed version is:...

9.8 CVSS | 7.4 AI score
Exploits: 0 | References: 1
Prion
added 2019/07/24 2:15 p.m. | 10 views

Design/Logic Flaw

Fred MODX Revolution 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. The impact is: Remote Code Execution. The component is: assets/components/fred/web/elfinder/connector.php. The attack vector is: Uploading a PHP file or change data in the database. The fixed version is:...

7.5 CVSS | 9.6 AI score | 0.02373 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2019/07/24 1:50 p.m. | 14 views

CVE-2019-1010178

Fred MODX Revolution 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. The impact is: Remote Code Execution. The component is: assets/components/fred/web/elfinder/connector.php. The attack vector is: Uploading a PHP file or change data in the database. The fixed version is:...

9.7 AI score | 0.02373 EPSS
Exploits: 1 | References: 1
CVE
added 2019/07/24 1:50 p.m. | 127 views

CVE-2019-1010178

CVE-2019-1010178 affects MODX Revolution ≤ 1.0.0-beta4/β5 via the Fred add-on (assets/components/fred/web/elfinder/connector.php). The root cause is Incorrect Access Control (CWE-648), enabling Remote Code Execution. The attack vector involves uploading a PHP file or altering data in the database...

9.8 CVSS | 9.6 AI score | 0.02373 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
exploitpack
added 2010/05/16 12:0 a.m. | 16 views

File Thingie 2.5.5 - File Security Bypass

File Thingie 2.5.5 - File Security Bypass Title: File Thingie v2.5.5 File Security Bypass Author: Jeremiah Talamantes RedTeam Security Website: http://www.redteamsecure.com/labs Date: 5/15/2010 Application: File Thingie Version: 2.5.5 Link: http://www.solitude.dk/filethingie/download Description:...

Exploits: 0