| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-2299 | Allow SVG Files <= 1.1 - Author+ Stored Cross Site Scripting via SVG | Unknown | Allow svg files | 中危 | - | 2022-07-25 12:48:09 | Deep Dive |
| CVE-2022-2146 | Import CSV Files <= 1.0 - Reflected Cross-Site Scripting | Unknown | Import CSV Files | 中危 | - | 2022-07-17 10:36:27 | Deep Dive |
| CVE-2022-1939 | Allow SVG Files < 1.1 - Admin+ Arbitrary File Upload | Unknown | Allow svg files | 高危 | - | 2022-06-20 10:26:20 | Deep Dive |
| CVE-2022-1793 | Private Files <= 0.40 - Protection Disabling via CSRF | Unknown | Private Files | 中危 | - | 2022-06-13 12:43:02 | Deep Dive |
| CVE-2022-30731 | Samsung My Files 安全漏洞 | Samsung Mobile | My Files | Medium | 5.1 | 2022-06-07 18:09:55 | Deep Dive |
| CVE-2022-1570 | Files Download Delay < 1.0.7 - Subscriber+ Settings Reset | Unknown | Files Download Delay | 中危 | - | 2022-06-06 08:51:07 | Deep Dive |
| CVE-2022-29425 | WordPress Checkout Files Upload for WooCommerce plugin <= 2.1.2 - Cross-Site Scripting (XSS) vulnerability | WP Wham | Checkout Files Upload for WooCommerce (WordPress plugin) | Medium | 6.1 | 2022-05-20 19:58:18 | Deep Dive |
| CVE-2021-41810 | Script injection in M-Files Admin | M-Files Corporation | M-Files Server | Medium | 5.2 | 2022-05-02 19:06:12 | Deep Dive |
| CVE-2022-1273 | Import WP < 2.4.6 - Admin+ Arbitrary File Upload to RCE | Unknown | Import WP – Import and Export WordPress data to XML or CSV files | 高危 | - | 2022-05-02 16:05:55 | Deep Dive |
| CVE-2022-0707 | Easy Digital Downloads < 2.11.6 - Arbitrary Payment Note Insertion via CSRF | Unknown | Easy Digital Downloads – Simple eCommerce for Selling Digital Files | 中危 | - | 2022-04-18 17:10:31 | Deep Dive |
| CVE-2022-0706 | Easy Digital Downloads < 2.11.6 - Admin+ Stored Cross-Site Scripting | Unknown | Easy Digital Downloads – Simple eCommerce for Selling Digital Files | 中危 | - | 2022-04-18 17:10:29 | Deep Dive |
| CVE-2021-41808 | In M-Files Server product with versions before 21.11.10775.0, enabling logging of federated authentication would write sensitive information to event logs. | M-Files | M-Files Server | Low | 2.0 | 2022-01-18 16:51:52 | Deep Dive |
| CVE-2021-41807 | Lack of rate limiting in M-Files Server and M-Files Web products with versions before 21.12.10873.0, allows brute-forcing of certain type of user accounts. | M-Files | M-Files Server | High | 7.5 | 2022-01-18 16:51:51 | Deep Dive |
| CVE-2021-41809 | SSRF vulnerability in M-Files Server products with versions before 22.1.11017.1, allows requests from server. | M-Files | M-Files Server | Low | 3.5 | 2022-01-18 16:51:50 | Deep Dive |
| CVE-2021-24856 | Shared Files < 1.6.61 - Admin+ Stored Cross-Site Scripting | Unknown | Shared Files – Easy Download Manager and File Sharing Plugin with Frontend File Upload | 中危 | - | 2021-11-17 10:16:00 | Deep Dive |
| CVE-2021-24736 | Shared Files < 1.6.57 - Admin+ Stored Cross-Site Scripting | Unknown | Easy Download Manager and File Sharing Plugin with frontend file upload – a better Media Library — Shared Files | 中危 | - | 2021-10-18 13:46:06 | Deep Dive |
| CVE-2021-24349 | Gallery From Files <= 1.6.0 - Reflected Cross-Site Scripting (XSS) | Unknown | Gallery from files | 中危 | - | 2021-06-14 13:37:13 | Deep Dive |
| CVE-2021-24171 | WooCommerce Upload Files < 59.4 - Unauthenticated Arbitrary File Upload | Unknown | WooCommerce Upload Files | 超危 | - | 2021-04-05 18:27:44 | Deep Dive |
| CVE-2020-2271 | CloudBees Jenkins Locked Files Report 跨站脚本漏洞 | Jenkins project | Jenkins Locked Files Report Plugin | 中危 | - | 2020-09-16 13:20:47 | Deep Dive |
| CVE-2018-16462 | apex-publish-static-files npm 命令注入漏洞 | - | apex-publish-static-files | 超危 | - | 2018-10-30 21:00:00 | Deep Dive |