Lucene search
K

6 matches found

NVD
NVD
added 2025/11/06 5:16 a.m.4 views

CVE-2025-12563

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to limited file upload due to an incorrect capability check on theuploadVideo function in all versions up to, and including, 8.6.0. This makes it possible for authenticated attackers, with Subscriber-level acce...

4.3CVSS0.00163EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/06 4:36 a.m.8 views

CVE-2025-12563 Blog2Social: Social Media Auto Post & Scheduler <= 8.6.0 - Incorrect Authorization to Video File Upload

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to limited file upload due to an incorrect capability check on theuploadVideo function in all versions up to, and including, 8.6.0. This makes it possible for authenticated attackers, with Subscriber-level acce...

4.3CVSS0.00163EPSS
Exploits0References2
CNVD
CNVD
added 2019/03/11 12:0 a.m.1 views

File upload vulnerability in OFCMS backend ueditor uploadVideo

OFCMS is a content management system developed based on java technology. A file upload vulnerability exists in the OFCMS backend ueditor uploadVideo, which can be exploited by an attacker to upload a webshell and gain access to the server, posing an information leakage and operational security ri...

6.9AI score
Exploits0
CNVD
CNVD
added 2019/03/07 12:0 a.m.2 views

OFCMS backend ueditor uploadVideo file upload vulnerability

OFCMS is a content management system based on Java technology. A backend ueditor uploadVideo file upload vulnerability exists in versions of OFCMS prior to 1.1.3. The vulnerability stems from the blocking of .jsp and .jspx files that fails to take into account file.jsp::$DATA in the...

7.2CVSS7.6AI score0.02708EPSS
Exploits1References1
OSV
OSV
added 2019/03/06 10:29 p.m.3 views

CVE-2019-9613

An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider for example file.jsp::$DATA to the admin/ueditor/uploadVideo URI...

7.2CVSS7.3AI score0.02708EPSS
Exploits1References1
exploitpack
exploitpack
added 2008/12/18 12:0 a.m.31 views

Mini File Host 1.x - Arbitrary .PHP File Upload

Mini File Host 1.x - Arbitrary .PHP File Upload --------------------------------------------------------- Portal Name: Mini File Host Version: All version Vendor : http://www.galaxyscripts.com Dork: inurl:index.php?page=img Powered By Mini File Host Author : PouyaServer , [email protected]...

0.3AI score
Exploits0
Rows per page
Query Builder