cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-24998,https://securityvulnerability.io/vulnerability/CVE-2023-24998,"Apache Commons FileUpload, Apache Tomcat: FileUpload DoS with excessive parts","The Apache Commons FileUpload before version 1.5 is susceptible to a Denial of Service attack due to its failure to restrict the number of parts processed in a request. This oversight allows an attacker to exploit the system by making malicious uploads or sending a series of uploads, potentially overwhelming the application. Additionally, the new configuration option, FileUploadBase#setFileCountMax, which addresses this issue by limiting the number of request parts, is not enabled by default and requires explicit configuration to safeguard against these attacks.",Apache,"Apache Commons Fileupload,Apache Tomcat",7.5,HIGH,0.011350000277161598,false,,false,false,true,2023-03-29T01:36:29.000Z,true,false,false,,2023-02-20T16:15:00.000Z,0
CVE-2016-1000031,https://securityvulnerability.io/vulnerability/CVE-2016-1000031,,Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution,Apache,Commons Fileupload,9.8,CRITICAL,0.11722999811172485,false,,false,false,false,,,false,false,,2016-10-25T14:00:00.000Z,0
CVE-2013-0248,https://securityvulnerability.io/vulnerability/CVE-2013-0248,,"The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.",Apache,Commons Fileupload,,,0.0004199999966658652,false,,false,false,false,,,false,false,,2013-03-15T01:00:00.000Z,0