Lucene search

Eprints Security Vulnerabilities

cve

EPrints 3.4.2 exposes a reflected XSS opportunity in the dataset parameter to the cgi/dataset_dictionary...

6.1CVSS

6.2AI Score

0.002EPSS

2021-03-01 10:15 PM

cve

EPrints 3.4.2 allows remote attackers to read arbitrary files and possibly execute commands via crafted JSON/XML input to a cgi/ajax/phrase...

9.8CVSS

9.5AI Score

0.015EPSS

2021-03-01 10:15 PM

cve

EPrints 3.4.2 allows remote attackers to execute arbitrary commands via crafted input to the verb parameter in a cgi/toolbox/toolbox...

8.8CVSS

9AI Score

0.009EPSS

2021-03-01 10:15 PM

cve

EPrints 3.4.2 allows remote attackers to execute OS commands via crafted LaTeX input to a cgi/cal?year=...

9.8CVSS

9.6AI Score

0.014EPSS

2021-03-01 10:15 PM

cve

EPrints 3.4.2 allows remote attackers to read arbitrary files and possibly execute commands via crafted LaTeX input to a cgi/latex2png?latex=...

9.8CVSS

9.5AI Score

0.013EPSS

2021-03-01 10:15 PM

cve

EPrints 3.4.2 exposes a reflected XSS opportunity in the via a cgi/cal...

6.1CVSS

6.1AI Score

0.002EPSS

2021-03-01 10:15 PM