📦 Vvvebjs

CVE-2024-27480 is an insecure file upload vulnerability in VvvebJs 1.7.2 that allows attackers to upload malicious files without proper validation. This can lead to remote code execution or server com...

VvvebJs 1.7.2 contains an unrestricted file upload vulnerability in save.php that allows attackers to upload arbitrary files, including malicious scripts. This affects all deployments using the vulner...

CVE-2024-25181 is a critical vulnerability in givanz VvvebJs 1.7.2 that allows attackers to perform Server-Side Request Forgery (SSRF) and read arbitrary files on the server. This occurs due to improp...

CVE-2024-25183 is a directory traversal vulnerability in givanz VvvebJs 1.7.2 that allows attackers to read arbitrary files on the server via the scan.php endpoint. This affects all systems running th...

This critical vulnerability in Vvvebjs allows remote attackers to perform path traversal attacks via the 'File' parameter in /save.php. Attackers can potentially read, write, or delete files outside t...