Lucene search
K

4 matches found

Snyk
Snyk
added 2026/03/16 9:16 p.m.5 views

Arbitrary File Upload

Overview admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Arbitrary File Upload through the UploadHandlerFile process. An attacker can execute arbitrary code on the server by uploading a...

8.8CVSS6.3AI score0.00982EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 8:34 a.m.8 views

CVE-2024-4135

The WP Latest Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.0.7. This is due to the plugin allowing users to execute an action that does not properly validate a user-supplied value prior to using that value in a call to...

5.4CVSS6.3AI score0.00376EPSS
Exploits0References1
OSV
OSV
added 2024/07/10 5:15 a.m.1 views

DEBIAN-CVE-2024-39330

An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generatefilename without replicating the file-path validations from the parent class, potentially allow directory traversal via certain...

4.3CVSS6.3AI score0.01008EPSS
Exploits0References1
OSV
OSV
added 2024/07/09 2:0 p.m.3 views

UBUNTU-CVE-2024-39329

An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. The django.contrib.auth.backends.ModelBackend.authenticate method allows remote attackers to enumerate users via a timing attack involving login requests for users with an unusable password...

5.3CVSS6.7AI score0.00889EPSS
Exploits0References4
Rows per page
Query Builder