13 matches found
CVE-2025-12923
A vulnerability was found in liweiyi ChestnutCMS up to 1.5.8. It affects the function resourceDownload of the file /dev-api/common/download. Manipulating the argument path can lead to path traversal. The attack can be launched remotely. The exploit has been...
CVE-2024-12923
creationtimestamp | type | source
---|---|---
2025-08-29 17:20:07+00:00 | seen | Telegram/JfT9dJFoS4cHTty3zhUYt99cQVGZMf1BlwzDmX-oX0-2vA...
CVE-2024-12923
A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: Photo...
CVE-2020-12923
...
CVE-2020-12923
CVE-2020-12923 is rejected/not used per the Initial Description; this entry does not represent an active vulnerability.
MailEnable vulnerability warning CVE-2019-12923~CVE-2019-12927 - the vulnerability warning - the black bar safety net
Recently, a set of vulnerabilities was disclosed in the mail server MailEnable, and we tracked and analyzed them right away to issue an early warning. The analysis found that, using this set of vulnerabilities, an attacker can create, read, update and delete user data, read files, and perform some overwrite operations...
CVE-2019-12923
creationtimestamp | type | source
---|---|---
2019-07-08 23:59:53+00:00 | seen | https://t.me/cveNotify/320...
CVE-2019-12923
CVE-2019-12923 affects MailEnable Enterprise Premium (versions around 10.23/10.24). The CSRF protection was not implemented correctly, allowing bypass by removing the anti-CSRF token parameter. This could let an attacker manipulate a user into performing actions in the application (e.g., sending ...
CVE-2018-12923
CVE-2018-12923: The BWS Systems HA-Bridge devices are vulnerable to an information-disclosure issue where a remote attacker can obtain sensitive information by issuing a direct request to the #!/system URI. The available documents identify this as a vulnerability in the HA-Bridge, describing the...
CVE-2017-12923
OLEStream::WriteVT_LPSTR in olestrm.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image...
CVE-2017-12923
OLEStream::WriteVT_LPSTR in olestrm.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image...
CVE-2017-12923
CVE-2017-12923 concerns libfpx 1.3.1_p6. The flaw is in OLEStream::WriteVT_LPSTR (olestrm.cpp) that allows a remote attacker to cause a denial of service via a specially crafted FPX image, resulting in a NULL pointer dereference. The vulnerability is described across multiple sources (NVD entry a...
Unfixed XSS vulnerability at vietson.com
Security researcher TreX submitted on 13/12/2007 a cross-site scripting (XSS) vulnerability affecting vietson.com, which at the time of submission ranked 12923 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/01/2008. It is currently...