2 matches found
CVE-2026-5615
creationtimestamp| type| source ---|---|--- 2026-04-06 06:16:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mismhitqy424 2026-04-06 07:24:22+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-5615.yaml 2026-04-11...
CVE-2026-5615 givanz Vvvebjs File Upload Endpoint upload.php cross site scripting
A weakness has been identified in givanz Vvvebjs up to 2.0.5. The affected element is an unknown function of the file upload.php of the component File Upload Endpoint. This manipulation of the argument uploadAllowExtensions causes cross site scripting. Remote exploitation of the attack is possibl...