Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file file 4.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-31011
Arbitrary file write vulnerability in beescms v.4.0, allows a remote malicious user to execute arbitrary code via a file path that was not isolated and the suffix was not verified in admin_template.php.
NA
CVE-2024-2015
A vulnerability, which was classified as critical, has been found in ZhiCms 4.0. This issue affects the function getindexdata of the file app/index/controller/mcontroller.php. The manipulation of the argument key leads to sql injection. The attack may be initiated remotely. The e...
NA
CVE-2024-2016
A vulnerability, which was classified as critical, was found in ZhiCms 4.0. Affected is the function index of the file app/manage/controller/setcontroller.php. The manipulation of the argument sitename leads to code injection. It is possible to launch the attack remotely. The exp...
NA
CVE-2024-2133
A vulnerability, which was classified as problematic, was found in Bdtask Isshue Multi Store eCommerce Shopping Cart Solution 4.0. This affects an unknown part of the file /dashboard/Cinvoice/manage_invoice of the component Manage Sale Page. The manipulation of the argument Title...
8.6
CVSSv3
CVE-2024-21626
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and previous versions, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working director...
Linuxfoundation Runc
Fedoraproject Fedora 39
22 Github repositories
1 Article
9.8
CVSSv3
CVE-2024-0603
A vulnerability classified as critical has been found in ZhiCms up to 4.0. This affects an unknown part of the file app/plug/controller/giftcontroller.php. The manipulation of the argument mylike leads to deserialization. It is possible to initiate the attack remotely. The exploi...
Zhicms Zhicms
6.5
CVSSv3
CVE-2023-51805
SQL Injection vulnerability in TDuckCLoud tduck-platform v.4.0 allows a remote malicious user to obtain sensitive information via the getFormKey parameter in the search function of FormDataMysqlService.java file.
Tduckcloud Tduck-platform 4.0
9.8
CVSSv3
CVE-2020-26629
A JQuery Unrestricted Arbitrary File Upload vulnerability exists in Hospital Management System V4.0 which allows an unauthenticated malicious user to upload any file to the server.
Phpgurukul Hospital Management System 4.0
9.8
CVSSv3
CVE-2023-51475
Unrestricted Upload of File with Dangerous Type vulnerability in IOSS WP MLM SOFTWARE PLUGIN.This issue affects WP MLM SOFTWARE PLUGIN: from n/a up to and including 4.0.
Wpmlmsoftware Wp Mlm Unilevel
7.8
CVSSv3
CVE-2022-22942
The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.
Vmware Photon Os 4.0
Vmware Photon Os 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »