Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

Vulnrichment
Vulnrichmentadded 2025/08/20 1:48 p.m.6 views

CVE-2025-54926

CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause remote code execution when an authenticated attacker with admin privileges uploads a malicious file over HTTP which then gets executed...

7.2CVSS7.8AI score0.00967EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/08/20 1:48 p.m.8 views

CVE-2025-54926

CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause remote code execution when an authenticated attacker with admin privileges uploads a malicious file over HTTP which then gets executed...

7.2CVSS0.00967EPSS
Exploits0References1
CVE
CVEadded 2025/08/20 1:48 p.m.11 views

CVE-2025-54926

CVE-2025-54926 affects Schneider Electric EcoStruxure Power Monitoring Expert (and Power Operation) with a directory traversal vulnerability that may enable remote code execution. The issue stems from improper validation in path handling (GetTgmlContent) and requires authenticated admin privilege...

7.2CVSS7.8AI score0.00967EPSS
Exploits0References1
OSV
OSVadded 2025/03/18 2:15 p.m.2 views

CVE-2025-2490

A vulnerability was found in Dromara ujcms 9.7.5. It has been rated as problematic. Affected by this issue is the function uploadZip/upload of the file /main/java/com/ujcms/cms/ext/web/backendapi/WebFileUploadController.java of the component File Upload. The manipulation leads to cross site...

5.4CVSS5.4AI score
Exploits0References5
CNNVD
CNNVDadded 2024/12/02 12:0 a.m.1 views

LibrePhotos 安全漏洞

LibrePhotos is a self-hosted open source photo management service open-sourced by LibrePhotos. LibrePhotos suffers from a security vulnerability that stems from susceptibility to a cross-site scripting attack, where an attacker can take over any account by uploading an HTML file on behalf of an...

4.8CVSS6AI score0.05295EPSS
Exploits0References3
NVD
NVDadded 2023/06/14 2:15 p.m.15 views

CVE-2023-34747

File upload vulnerability in ujcms 6.0.2 via /api/backend/core/web-file-upload/upload...

9.8CVSS9.5AI score0.28975EPSS
Exploits1References1
OSV
OSVadded 2023/06/14 2:15 p.m.12 views

CVE-2023-34747

File upload vulnerability in ujcms 6.0.2 via /api/backend/core/web-file-upload/upload...

9.8CVSS6.9AI score
Exploits0References1
Prion
Prionadded 2023/06/14 2:15 p.m.15 views

Unrestricted file upload

File upload vulnerability in ujcms 6.0.2 via /api/backend/core/web-file-upload/upload...

7.5CVSS9.4AI score0.28975EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2023/06/14 12:0 a.m.11 views

CVE-2023-34747

File upload vulnerability in ujcms 6.0.2 via /api/backend/core/web-file-upload/upload...

9.8AI score0.28975EPSS
Exploits1References1
CVE
CVEadded 2023/06/14 12:0 a.m.153 views

CVE-2023-34747

CVE-2023-34747 corresponds to a file upload vulnerability in ujcms 6.0.2, exploitable via the API endpoint /api/backend/core/web-file-upload/upload. The issue is described as an unrestricted file upload that can impact confidentiality, integrity, and availability (CVSS v3.1: 9.8 CRITICAL, Network...

9.8CVSS9.4AI score0.28975EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder