Lucene search
K

8146 matches found

CVE
CVE
added 2026/06/20 11:57 a.m.203 views

CVE-2026-48908

SP Page Builder for Joomla (joomshaper.com) is affected by CVE-2026-48908. Versions prior to 6.6.12 allow unauthenticated users to upload arbitrary files, enabling PHP code upload and execution. This vulnerability can impact confidentiality, integrity, and availability of the affected site. The C...

10CVSS6.1AI score0.00734EPSS
Exploits3References3Affected Software1
CVE
CVE
added 2026/06/19 5:35 p.m.10 views

CVE-2019-25758

CVE-2019-25758 affects Joomla! component vBizz 1.0.7. The vulnerability is an unrestricted file upload in the profile_pic parameter, enabling authenticated attackers to upload arbitrary PHP files. By submitting malicious files via POST to the employee view endpoint, attackers can place PHP code i...

8.8CVSS6.4AI score0.0067EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/19 5:35 p.m.18 views

CVE-2019-25758 Joomla! Component vBizz 1.0.7 Remote Code Execution

Joomla! Component vBizz 1.0.7 contains an unrestricted file upload vulnerability that allows authenticated attackers to upload arbitrary PHP files by submitting malicious files through the profilepic parameter. Attackers can upload PHP files via POST requests to the employee view endpoint and...

8.8CVSS0.0067EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Velocity

An attacker who is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify Velocity templates running Apache...

9CVSS7.3AI score0.22709EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.23 views

Astra Linux – Vulnerability in Tomcat9

Path Equivalence: The use of ‘file.Name’ an internal dot notation can lead to Remote Code Execution, information disclosure, or the addition of malicious content to uploaded files via the write-enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat versions as follows: 11.0.0-...

10CVSS8.7AI score0.99945EPSS
Exploits46References2
OSV
OSV
added 2026/06/18 9:28 p.m.5 views

MGASA-2026-0226 Updated ruby-rack packages fix security vulnerabilities

CVE-2026-26961 Greedy multipart boundary parsing can cause parser differentials and WAF bypass. Forwarded header semicolon injection enables Host and Scheme spoofing. CVE-2026-34230 Quadratic complexity in Rack::Utils.selectbestencoding via wildcard Accept-Encoding header. CVE-2026-34763 Root...

7.5CVSS5.2AI score0.00475EPSS
Exploits1References14
EUVD
EUVD
added 2026/06/18 6:0 a.m.8 views

EUVD-2026-37852

The MagicForm WordPress plugin through 0.1.3 does not properly validate the type of files uploaded through an unauthenticated AJAX action when a form's per-field extension allowlist is left empty, allowing unauthenticated attackers to upload PHP files and execute arbitrary code on the server...

6.5CVSS5.9AI score0.00215EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:42 p.m.22 views

CVE-2026-48997 e107: Command Injection via shell expansion in ImageMagick resize destination path

e107 is a content management system CMS. Versions 2.3.5 and earlier contain a command injection vulnerability in the ImageMagick resize destination path. In resizeimage, the source path is escaped with escapeshellarg, but the destination path is inserted inside raw double quotes in the convert...

7.1CVSS0.00747EPSS
Exploits0References2
CVE
CVE
added 2026/06/17 9:42 p.m.20 views

CVE-2026-48997

CVE-2026-48997 affects e107 CMS

7.1CVSS5.3AI score0.00747EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/17 6:43 p.m.4 views

Missing Authentication for Critical Function

Overview lfx is a lfx is a command-line tool for running Langflow workflows. It provides two main commands: serve and run. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the createuploadfile function. An attacker can exhaust server disk space...

9.3CVSS6AI score0.0031EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/17 6:11 p.m.13 views

EUVD-2026-36728

Multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads...

7.5CVSS5.2AI score0.00278EPSS
Exploits0References3
CVE
CVE
added 2026/06/17 3:34 p.m.12 views

CVE-2026-12515

The CVE concerns Katello within Red Hat Satellite where content uploads lack proper authorization checks in the ContentUploadsController. The issue allows users with the edit_products permission to query whether specific content exists in repositories outside their authorized products, revealing ...

4.3CVSS5.4AI score0.00197EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/17 3:34 p.m.7 views

CVE-2026-12515 Katello: missing repository authorization in content_uploads exposes cross-product content existence

A flaw was found in Katello's of Red Hat Satellite. A content upload functionality where insufficient authorization checks in the ContentUploadsController allowed users with the editproducts permission to query content information for repositories outside the products they were authorized to...

4.3CVSS5.3AI score0.00197EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/17 2:7 p.m.11 views

NocoDB: Stored Cross-Site Scripting via Secure Attachment

Summary With NCSECUREATTACHMENTS=true, an authenticated uploader could deliver .html or .svg attachments that the browser rendered inline from the NocoDB origin instead of forcing a download. Details The signed attachment handler stored response-header overrides under PascalCase keys...

5.1CVSS5.3AI score0.00288EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.19 views

PT-2026-50610

Name of the Vulnerable Software and Affected Versions Drupal core affected versions not specified Description The JSON:API and REST modules allow image file uploads to image fields. The validation rules verify the file extension but fail to check the file MIME type Multipurpose Internet Mail...

4.8AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.20 views

PT-2026-50598

Name of the Vulnerable Software and Affected Versions Langflow versions prior to 1.9.1 Description Unauthenticated users with network access can upload unlimited amounts of data to the server, which can lead to disk space exhaustion and a resulting denial-of-service. Additionally, the server...

9.3CVSS5.8AI score0.0031EPSS
Exploits1References11
NVD
NVD
added 2026/06/15 4:16 p.m.9 views

CVE-2026-5038

Impact: multer versions 2.0.0-alpha.1 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service when using diskStorage. Aborted or malformed multipart uploads leave orphaned partial files on disk because the Readable.pipe call does not propagate the stream destroy signal to the...

7.5CVSS0.00278EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/15 2:23 p.m.34 views

CVE-2026-5038 multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads

Impact: multer versions 2.0.0-alpha.1 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service when using diskStorage. Aborted or malformed multipart uploads leave orphaned partial files on disk because the Readable.pipe call does not propagate the stream destroy signal to the...

5.3CVSS0.00278EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/15 2:23 p.m.7 views

CVE-2026-5038 multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads

Impact: multer versions 2.0.0-alpha.1 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service when using diskStorage. Aborted or malformed multipart uploads leave orphaned partial files on disk because the Readable.pipe call does not propagate the stream destroy signal to the...

5.3CVSS5.4AI score0.00278EPSS
Exploits0References2
CVE
CVE
added 2026/06/15 2:23 p.m.52 views

CVE-2026-5038

MULTER CVE-2026-5038 affects multer’s diskStorage: versions 2.0.0-alpha.1–2.1.1 and 3.0.0-alpha.1 are vulnerable. The root cause is that Readable.pipe() does not propagate the stream destroy signal to the underlying fs.WriteStream, allowing aborted or malformed multipart uploads to leave orphaned...

7.5CVSS5.3AI score0.00278EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder