Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 173 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-13799 User Private Files – File Upload & Download Manager with Secure File Sharing <= 2.1.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting deepakkiteFile Sharing & Download Manager – User Private Files Medium 6.4 2025-02-19 05:22:53 Deep Dive
CVE-2024-13504 Shared Files – Frontend File Upload Form & Secure File Sharing <= 1.7.42 - Limited Unauthenticated Stored Cross-Site Scripting via File Upload anssilaitilaShared Files – Frontend File Upload Form & Secure File Sharing High 7.2 2025-01-31 05:22:35 Deep Dive
CVE-2024-13562 Import WP – Export and Import CSV and XML files to WordPress <= 2.14.5 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory jcollingsImport WP – Export and Import CSV and XML files to WordPress High 7.5 2025-01-25 11:22:35 Deep Dive
CVE-2025-0635 Denial of Service condition in M-Files Server M-Files CorporationM-Files Server 中危 -2025-01-23 11:07:51 Deep Dive
CVE-2025-0619 Unsafe stored password recovery M-Files CorporationM-Files Server 低危 -2025-01-23 11:07:10 Deep Dive
CVE-2025-0648 M-Files Server crash via EOT database driver configuration M-Files CorporationM-Files Server 中危 -2025-01-23 11:06:19 Deep Dive
CVE-2025-23953 WordPress user files plugin <= 2.4.2 - Arbitrary File Upload vulnerability Scriptoniteuser files Critical 10.0 2025-01-22 14:29:25 Deep Dive
CVE-2024-13303 Download All Files - Critical - Access bypass - SA-CONTRIB-2024-069 DrupalDownload All Files 中危 -2025-01-09 20:24:31 Deep Dive
CVE-2024-13276 File Entity (fieldable files) - Moderately critical - Information Disclosure - SA-CONTRIB-2024-040 DrupalFile Entity (fieldable files) 中危 -2025-01-09 19:28:41 Deep Dive
CVE-2024-13237 File Entity (fieldable files) - Moderately critical - Cross Site Scripting, Access bypass - SA-CONTRIB-2024-001 DrupalFile Entity (fieldable files) 中危 -2025-01-09 18:15:24 Deep Dive
CVE-2024-12330 WP Database Backup – Unlimited Database & Files Backup by Backup for WP <= 7.3 - Unauthenticated Database Back-Up Exposure databasebackupWP Database Backup – Unlimited Database & Files Backup by Backup for WP High 7.5 2025-01-09 11:10:56 Deep Dive
CVE-2024-12493 Files Download Delay <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting blueberryaccFiles Download Delay Medium 6.4 2025-01-09 11:10:54 Deep Dive
CVE-2024-11010 FileOrganizer <= 1.1.4 - Authenticated (Administrator+) Local JavaScript File Inclusion softaculousFileOrganizer – WordPress File Manager High 7.2 2024-12-07 09:27:06 Deep Dive
CVE-2024-11103 Contest Gallery <= 24.0.7 - Unauthenticated Arbitrary Password Reset to Privilege Escalation/Account Takeover contest-galleryContest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe Critical 9.8 2024-11-28 09:47:09 Deep Dive
CVE-2024-11091 Support SVG – Upload svg files in wordpress without hassle <= 1.1.0 - Authenticated (Author+) Stored Cross-site Scripting via SVG File Upload sayedulsayemSupport SVG – Upload svg files in wordpress without hassle Medium 6.4 2024-11-26 08:31:55 Deep Dive
CVE-2024-10710 YaDisk Files <= 1.2.5 - Admin+ Stored XSS UnknownYaDisk Files--2024-11-25 06:00:06 Deep Dive
CVE-2024-10709 YaDisk Files <= 1.2.5 - Contributor+ Stored XSS via Shortcode UnknownYaDisk Files--2024-11-25 06:00:02 Deep Dive
CVE-2024-10126 Local file inclusion vulnerability in M-Files Server M-Files Corporation"M-Files Server--2024-11-20 08:37:41 Deep Dive
CVE-2024-10127 Support for authentication bypass condition in M-Files LDAP authentication M-Files CorporationM-Files Server--2024-11-20 08:36:03 Deep Dive
CVE-2024-11176 Incorrect evaluation of effective permissions in M-Files Aino M-Files CorporationM-Files Aino--2024-11-20 08:33:46 Deep Dive