Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Cvelist
Cvelistadded 2026/01/08 9:17 a.m.26 views

CVE-2025-67924 WordPress Corpkit theme <= 2.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Corpkit corpkit allows Upload a Web Shell to a Web Server.This issue affects Corpkit: from n/a through = 2.0...

9.9CVSS0.00082EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-52744

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00191EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/07/04 12:0 a.m.2 views

PT-2025-27906 · Liquidthemes · Logisticshub

Name of the Vulnerable Software and Affected Versions: LiquidThemes LogisticsHub versions 1.1.6 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to significant security...

10CVSS6.2AI score0.00414EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2025/05/23 12:43 p.m.4 views

CVE-2025-47658 WordPress ELEX HelpDesk & Customer Ticketing System plugin <= 3.2.9 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ELEX WordPress HelpDesk & Customer Ticketing System elex-helpdesk-customer-support-ticket-system allows Upload a Web Shell to a Web Server.This issue affects ELEX WordPress HelpDesk & Customer Ticketing System: from n/a...

9.9CVSS7.2AI score0.0032EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/05/07 12:0 a.m.8 views

PT-2025-20163 · Unknown · Themefic Instantio

Name of the Vulnerable Software and Affected Versions: Themefic Instantio versions n/a through 3.3.16 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further exploitation and...

7.2CVSS7.7AI score0.00391EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2025/01/24 12:0 a.m.4 views

PT-2025-5474 · Unknown · Themefic Tourfic

Name of the Vulnerable Software and Affected Versions: Themefic Tourfic versions 2.15.3 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can lead to web shell attacks. Recommendations: For...

9.1CVSS9.3AI score0.00204EPSS
Exploits0References7
The Hacker News
The Hacker Newsadded 2024/11/18 11:36 a.m.32 views

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 - Nov 17)

What do hijacked websites, fake job offers, and sneaky ransomware have in common? They're proof that cybercriminals are finding smarter, sneakier ways to exploit both systems and people. This week makes one thing clear: no system, no person, no organization is truly off-limits. Attackers are...

9.9CVSS9.4AI score0.9438EPSS
Exploits656
Microsoft Secure
Microsoft Secureadded 2020/02/04 5:30 p.m.8470 views

Ghost in the shell: Investigating web shell attacks

Recently, an organization in the public sector discovered that one of their internet-facing servers was misconfigured and allowed attackers to upload a web shell, which let the adversaries gain a foothold for further compromise. The organization enlisted the services of Microsoft’s Detection and...

7.5CVSS0.3AI score0.9443EPSS
Exploits56
Rows per page
Query Builder