Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

54 matches found

RedhatCVE
RedhatCVEadded 2025/12/29 7:0 a.m.2 views

CVE-2025-15109

A flaw has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. This impacts an unknown function of the file Public/javascripts/admin/plupload-2.1.2/examples/upload.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit h...

7.5CVSS6.6AI score0.00041EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/12/29 7:0 a.m.2 views

CVE-2025-15110

A vulnerability has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. Affected is the function Upload of the file Admin/Home/Controller/ProductImageController.class.php of the component Backend. Such manipulation of the argument File leads to unrestricted upload. It is...

7.2CVSS6.9AI score0.00012EPSS
Exploits1References1
EUVD
EUVDadded 2025/12/27 9:30 p.m.2 views

EUVD-2025-205481

A flaw has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. This impacts an unknown function of the file Public/javascripts/admin/plupload-2.1.2/examples/upload.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit h...

7.5CVSS6.2AI score0.00041EPSS
Exploits0References5
OSV
OSVadded 2025/12/27 8:15 p.m.0 views

CVE-2025-15110

A vulnerability has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. Affected is the function Upload of the file Admin/Home/Controller/ProductImageController.class.php of the component Backend. Such manipulation of the argument File leads to unrestricted upload. It is...

7.2CVSS5.4AI score0.00012EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2025/12/27 8:2 p.m.1 views

CVE-2025-15110 jackq XCMS Backend ProductImageController.class.php upload unrestricted upload

A vulnerability has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. Affected is the function Upload of the file Admin/Home/Controller/ProductImageController.class.php of the component Backend. Such manipulation of the argument File leads to unrestricted upload. It is...

5.8CVSS6.7AI score0.00012EPSS
Exploits1References5
CVE
CVEadded 2025/12/27 8:2 p.m.7 views

CVE-2025-15110

The CVE describes a flaw in jackq XCMS Backend where the Upload function in Admin/Home/Controller/ProductImageController.class.php mishandles the File argument, enabling unrestricted remote file uploads. Multiple sources confirm the affected component and argue that manipulating the File paramete...

7.2CVSS6.7AI score0.00012EPSS
Exploits1References5Affected Software1
NVD
NVDadded 2025/12/27 7:15 p.m.3 views

CVE-2025-15109

A flaw has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. This impacts an unknown function of the file Public/javascripts/admin/plupload-2.1.2/examples/upload.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit h...

7.5CVSS0.00041EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2025/12/27 6:32 p.m.1 views

CVE-2025-15109 jackq XCMS upload.php unrestricted upload

A flaw has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. This impacts an unknown function of the file Public/javascripts/admin/plupload-2.1.2/examples/upload.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit h...

7.5CVSS7.2AI score0.00041EPSS
Exploits0References5
Cvelist
Cvelistadded 2025/12/27 6:32 p.m.19 views

CVE-2025-15109 jackq XCMS upload.php unrestricted upload

A flaw has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. This impacts an unknown function of the file Public/javascripts/admin/plupload-2.1.2/examples/upload.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit h...

7.5CVSS0.00041EPSS
Exploits0References5
CVE
CVEadded 2025/12/27 6:32 p.m.10 views

CVE-2025-15109

CVE-2025-15109 concerns jackq XCMS up to build 3fab5342cc509945a7ce1b8ec39d19f701b89261, where the file Public/javascripts/admin/plupload-2.1.2/examples/upload.php contains a flaw that allows unrestricted file upload. The vulnerability can be triggered remotely and is supported by multiple source...

7.5CVSS6.3AI score0.00041EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2025/12/27 12:0 a.m.6 views

PT-2025-53626

Name of the Vulnerable Software and Affected Versions jackq XCMS versions prior to 3fab5342cc509945a7ce1b8ec39d19f701b89261 Description A flaw exists in jackq XCMS that allows for unrestricted file upload. The issue is located in the Upload function within the...

5.8CVSS6.8AI score0.00012EPSS
Exploits1References10
Positive Technologies
Positive Technologiesadded 2025/12/27 12:0 a.m.4 views

PT-2025-53625

Name of the Vulnerable Software and Affected Versions jackq XCMS versions prior to 3fab5342cc509945a7ce1b8ec39d19f701b89261 Description A flaw exists in jackq XCMS that allows for unrestricted file upload. This issue impacts an unknown function within the file...

7.5CVSS6.4AI score0.00041EPSS
Exploits0References11
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2007-6617

Malware in sbrugna...

7.5CVSS6.4AI score0.05793EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2007-6570

Malware in sbrugna...

5CVSS6.4AI score0.03181EPSS
Exploits1References7
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2007-5041

Malware in sbrugna...

4.3CVSS6.4AI score0.00382EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/07 12:30 a.m.0 views

EUVD-2007-3507

Malware in sbrugna...

6.4CVSS6.4AI score0.06345EPSS
Exploits0References6
Packet Storm
Packet Stormadded 2023/04/03 12:0 a.m.1085 views

XCMS 1.83 Remote Command Execution

Exploit Title: XCMS v1.83 - Remote Command Execution RCE Author: Onurcan Email: [email protected] Site: ihteam.net Script Download : http://www.xcms.it Date: 26/12/2022 The xcms's footerthat is in "/dati/generali/footer.dtb" is included in each page of the xcms. Taking "home.php" for example...

6.8AI score
Exploits0
0day.today
0day.todayadded 2023/04/02 12:0 a.m.285 views

XCMS v1.83 - Remote Command Execution Exploit

Exploit Title: XCMS v1.83 - Remote Command Execution RCE Author: Onurcan Email: email protected Site: ihteam.net Script Download : http://www.xcms.it Date: 26/12/2022 The xcms's footerthat is in "/dati/generali/footer.dtb" is included in each page of the xcms. Taking "home.php" for example: So th...

6.8AI score
Exploits0
0day.today
0day.todayadded 2016/10/03 12:0 a.m.28 views

Arabseed XCMS V1.0.9 SQL injection Vulnerability

Exploit for php platform in category web applications Exploit Title : Arabseed XCMS V1.0.9 SQL injection Vulnerability Exploit Author : xBADGIRL21 Vendor Homepage : http://arabseed.com/ Tested on: BACKBOX MyBlog : http://xbadgirl21.blogspot.com/ skype:xbadgirl21 Date: 07/09/2016 video Proof :...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2016/09/20 12:0 a.m.46 views

Arabseed XCMS m1.php parameter id SQL injection vulnerability

No description provided by source...

7.1AI score
Exploits0
Rows per page
Query Builder