CVE-2022-25832

Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to use locked Myfiles app without authentication...

CVE-2020-25832

Reflected Cross Site scripting vulnerability on Micro Focus Filr product, affecting version 4.2.1. The vulnerability could be exploited to perform Reflected XSS attack...

DataCube3 v1.0 - Unrestricted file upload Remote Code Execution Exploit

Exploit Title: DataCube3 v1.0 - Unrestricted file upload 'RCE' Exploit Author: Samy Younsi - NS Labs https://neroteam.com Vendor Homepage: https://www.f-logic.jp Software Link: https://www.f-logic.jp/pdf/support/manualproduct/manualproductdatacube3ver1.0sc.pdf Version: Ver1.0 Tested on: DataCube3...

DataCube3 1.0 Shell Upload

Exploit Title: DataCube3 v1.0 - Unrestricted file upload 'RCE' Date: 7/28/2022 Exploit Author: Samy Younsi - NS Labs https://neroteam.com Vendor Homepage: https://www.f-logic.jp Software Link: https://www.f-logic.jp/pdf/support/manualproduct/manualproductdatacube3ver1.0sc.pdf Version: Ver1.0 Test...

DataCube3 v1.0 - Unrestricted file upload 'RCE'

Exploit Title: DataCube3 v1.0 - Unrestricted file upload 'RCE' Date: 7/28/2022 Exploit Author: Samy Younsi - NS Labs https://neroteam.com Vendor Homepage: https://www.f-logic.jp Software Link: https://www.f-logic.jp/pdf/support/manualproduct/manualproductdatacube3ver1.0sc.pdf Version: Ver1.0 Test...

CVE-2024-25832

creationtimestamp| type| source ---|---|--- 2024-03-06 04:16:31+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/6731 2024-03-06 19:16:14+00:00| published-proof-of-concept| https://t.me/proxybar/1934 2024-03-08 10:54:48+00:00| published-proof-of-concept| https://t.me/crackcodes/5331...

Exploit for Unrestricted Upload of File with Dangerous Type in F-Logic Datacube3

CVE-2024-25830 and CVE-2024-25832 - DataCube3 Improper Access...

CVE-2024-25832

F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension...

CVE-2024-25832

F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension...

CVE-2024-25832

F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension...

CVE-2024-25832

Summary (CVE-2024-25832) : F-logic DataCube3 v1.0 is reported vulnerable to unrestricted file upload by manipulating the filename extension. The issue is classified with high impact (CVSSv3.1: 8.8, HIGH) and requires authentication with low privileges; exploitation could lead to code execution, d...

CVE-2023-25832

creationtimestamp| type| source ---|---|--- 2023-05-10 00:39:03+00:00| seen| https://t.me/cibsecurity/63705 2025-04-10 18:49:26+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11310...

CVE-2023-25832

There is a cross-site-request forgery vulnerability in Esri Portal for ArcGIS Versions 11.0 and below that may allow an attacker to trick an authorized user into executing unwanted actions...

CVE-2023-25832 BUG-000148346 There is a Cross-Site Request Forgery (CSRF) vulnerability in Portal for ArcGIS.

There is a cross-site-request forgery vulnerability in Esri Portal for ArcGIS Versions 11.0 and below that may allow an attacker to trick an authorized user into executing unwanted actions...

CVE-2023-25832

Esri Portal for ArcGIS (versions ≤ 11.0) exposes a Cross-Site Request Forgery (CSRF) vulnerability in which an attacker could trick an authenticated user into performing unintended actions. Root cause described as CSRF, with network attack vector and required user interaction. Impact includes hig...

CVE-2022-25832

creationtimestamp| type| source ---|---|--- 2022-04-12 00:31:25+00:00| seen| https://t.me/cibsecurity/40571...

CVE-2021-25832

creationtimestamp| type| source ---|---|--- 2021-03-01 18:43:17+00:00| seen| https://t.me/cibsecurity/24299 2021-10-30 14:32:34+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/4625...

CVE-2021-25832

A heap buffer overflow vulnerability inside of BMP image processing was found at core module of ONLYOFFICE DocumentServer v4.0.0-9-v6.0.0. Using this vulnerability, an attacker is able to gain remote code executions on DocumentServer...

CVE-2021-25832

CVE-2021-25832 affects ONLYOFFICE DocumentServer. A heap buffer overflow in the BMP image processing of the core module (document server) can allow remote code execution on vulnerable versions: v4.0.0-9-v6.0.0. The provided documents do not include remediation steps or patch/version details beyon...

CVE-2020-25832

creationtimestamp| type| source ---|---|--- 2020-11-17 07:38:20+00:00| seen| https://t.me/cibsecurity/16416...