Lucene search

8 matches found

Cvelist
added 2024/11/18 8:4 p.m. | 10 views

CVE-2024-51743 Arbitrary File Write leading up to remote code execution (instructor accounts)

MarkUs is a web application for the submission and grading of student assignments. In versions prior to 2.4.8, an arbitrary file write vulnerability in the update/upload/create file methods in Controllers allows authenticated instructors to write arbitrary files to any location on the web server...

CVSS 7.1 | EPSS 0.02703
Exploits: 0 | References: 2

CVE
added 2022/11/25 12:0 a.m. | 59 views

CVE-2022-45476

Tiny File Manager 2.4.8 is vulnerable to insecure file upload that allows server-side execution of uploaded code. Multiple sources describe unauthenticated remote code execution via processing uploaded files instead of serving them for download, enabling attackers to run arbitrary code on the ser...

CVSS 9.8 | AI score 9.4 | EPSS 0.00947
Exploits: 1 | References: 2 | Affected Software: 1

CVE
added 2022/11/25 12:0 a.m. | 66 views

CVE-2022-23044

CVE-2022-23044 affects Tiny File Manager 2.4.8 and is caused by a CSRF vulnerability that allows an unauthenticated remote attacker to persuade users to perform unintended actions within the application. The initial description confirms CSRF as the root cause and unauthenticated access, with prac...

CVSS 8.8 | AI score 8.6 | EPSS 0.01198
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2022/11/25 12:0 a.m. | 12 views

CVE-2022-45475

Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to access the application's internal files. This is possible because the application is vulnerable to broken access control...

AI score 6.7 | EPSS 0.00923
Exploits: 1 | References: 2

Cvelist
added 2022/11/25 12:0 a.m. | 12 views

CVE-2022-45476

Tiny File Manager version 2.4.8 executes the code of files uploaded by users of the application, instead of just returning them for download. This is possible because the application is vulnerable to insecure file upload...

AI score 9.7 | EPSS 0.00947
Exploits: 1 | References: 2

Cvelist
added 2022/02/07 9:23 p.m. | 13 views

CVE-2021-45281

QuickBox Pro v2.4.8 contains a cross-site scripting (XSS) vulnerability at "adminuseredit.php?usertoedit=XSS", as the user-supplied input for the value of this parameter is not properly sanitized...

AI score 6.2 | EPSS 0.0024
Exploits: 1 | References: 1

Tenable Nessus
added 2016/07/20 12:0 a.m. | 32 views

Fedora 24 : php-doctrine-orm (2016-f0c8b7b115)

v2.4.8 Security - CVE-2015-5723 php-doctrine-orm filesystem permission issues - https://access.redhat.com/security/cve/CVE-2015-5723 - http://www.doctrine-project.org/2015/08/31/securitymisconfigurationvulnerabilityinvariousdoctrineprojects.html Bug - DDC-3310 - GH-1138 Join column index names -...

CVSS 7.8 | AI score 7.2 | EPSS 0.00033
Exploits: 0 | References: 2

Tenable Nessus
added 2016/07/20 12:0 a.m. | 23 views

Fedora 23 : php-doctrine-orm (2016-7e229134f9)

v2.4.8 Security - CVE-2015-5723 php-doctrine-orm filesystem permission issues - https://access.redhat.com/security/cve/CVE-2015-5723 - http://www.doctrine-project.org/2015/08/31/securitymisconfigurationvulnerabilityinvariousdoctrineprojects.html Bug - DDC-3310 - GH-1138 Join column index names -...

CVSS 7.8 | AI score 7.2 | EPSS 0.00033
Exploits: 0 | References: 2