Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2025/11/08 4:54 p.m.17 views

CVE-2025-12862

A vulnerability was identified in projectworlds Online Notes Sharing Platform 1.0. Affected by this issue is some unknown functionality of the file /dashboard/userprofile.php. Such manipulation of the argument image leads to unrestricted upload. The attack may be performed from remote. The exploi...

9.8CVSS6.6AI score0.00326EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-52330

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01701EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:49 p.m.7 views

CVE-2022-30423

Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution RCE vulnerability in the user profile upload point in the system information...

9.8CVSS7.8AI score0.01701EPSS
Exploits1References1
CVE
CVE
added 2025/01/16 12:0 a.m.53 views

CVE-2024-40513

CVE-2024-40513 affects themesebrand Chatvia v5.3.2. The vulnerability allows remote attackers to execute arbitrary code via the User profile Upload image function. Public details confirm impact and affected version; however, the exact root cause and exploit details are not provided in the documen...

4.6CVSS7.9AI score0.00446EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/04/10 4:15 p.m.3 views

CVE-2024-23734

Cross Site Request Forgery vulnerability in in the upload functionality of the User Profile pages in savignano S/Notify before 2.0.1 for Bitbucket allow attackers to replace S/MIME certificate or PGP keys for arbitrary users via crafted link...

5.2CVSS5.9AI score0.0014EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/10 12:0 a.m.33 views

CVE-2024-23734

Cross Site Request Forgery vulnerability in in the upload functionality of the User Profile pages in savignano S/Notify before 2.0.1 for Bitbucket allow attackers to replace S/MIME certificate or PGP keys for arbitrary users via crafted link...

7AI score0.0014EPSS
Exploits0References2
OSV
OSV
added 2022/06/02 2:15 p.m.3 views

CVE-2022-30423

Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution RCE vulnerability in the user profile upload point in the system information...

9.8CVSS6.3AI score0.01701EPSS
Exploits1References1
NVD
NVD
added 2022/06/02 2:15 p.m.15 views

CVE-2022-30423

Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution RCE vulnerability in the user profile upload point in the system information...

9.8CVSS0.01701EPSS
Exploits1References1
Prion
Prion
added 2022/06/02 2:15 p.m.10 views

Information disclosure

Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution RCE vulnerability in the user profile upload point in the system information...

7.5CVSS9.7AI score0.01701EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.3 views

Merchandise Online Store 代码问题漏洞

Merchandise Online Store is a Merchandise Online Store system developed by Carlo Montero. A security vulnerability exists in Merchandise Online Store v1.0, which is caused by a remote code injection issue in the user profile upload port on the system information page...

9.8CVSS8.8AI score0.01701EPSS
Exploits1References2
CVE
CVE
added 2022/05/27 1:38 p.m.56 views

CVE-2022-30423

CVE-2022-30423 affects Merchandise Online Store v1.0 by oretnom23. The vulnerability is described as an arbitrary code execution (RCE) in the user profile upload point on the system information page. The available connected documents corroborate an RCE impact but do not provide technical details ...

9.8CVSS9.7AI score0.01701EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/05/27 1:38 p.m.21 views

CVE-2022-30423

Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution RCE vulnerability in the user profile upload point in the system information...

9.9AI score0.01701EPSS
Exploits1References1
Hacker One
Hacker One
added 2021/04/13 8:39 p.m.12 views

MTN Group: Remote code execution due to unvalidated file upload

Summary: Hello I found a critical vunerability in one of your site, where user can upload any file type as a profile picture including php file Steps To Reproduce: 1. Visit https://careers.mtn.cm and register as a user. 2. After successful registration, login and update your data. 3. When uploadi...

7.4AI score
Exploits0
Rows per page
Query Builder