Lucene search
K

11 matches found

Vulnrichment
Vulnrichment
added 2026/04/03 8:59 p.m.2 views

CVE-2026-26058 Zulip: Path Traversal in Import

Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, ./manage.py import reads arbitrary files from the server filesystem via path traversal in uploads/records.json. A crafted export tarball causes the server to copy any file the zulip user can read into the...

6.1CVSS6AI score0.00237EPSS
Exploits1References2
Circl
Circl
added 2025/02/18 6:16 p.m.8 views

CVE-2025-26058

creationtimestamp| type| source ---|---|--- 2025-02-18 18:16:20+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lihulnndlf2t 2025-02-18 20:59:46+00:00| seen| https://t.me/cvedetector/18348 2025-02-18 21:56:20+00:00| seen|...

4.2CVSS4.8AI score0.00205EPSS
Exploits1References3
OSV
OSV
added 2025/02/18 6:15 p.m.4 views

CVE-2025-26058

Webkul QloApps v1.6.1 exposes authentication tokens in URLs during redirection. When users access the admin panel or other protected areas, the application appends sensitive authentication tokens directly to the URL...

4.2CVSS6.4AI score
Exploits0References1
NVD
NVD
added 2025/02/18 6:15 p.m.8 views

CVE-2025-26058

Webkul QloApps v1.6.1 exposes authentication tokens in URLs during redirection. When users access the admin panel or other protected areas, the application appends sensitive authentication tokens directly to the URL...

4.2CVSS0.00205EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/02/18 12:0 a.m.12 views

CVE-2025-26058

Webkul QloApps v1.6.1 exposes authentication tokens in URLs during redirection. When users access the admin panel or other protected areas, the application appends sensitive authentication tokens directly to the URL...

0.00205EPSS
Exploits1References1
Circl
Circl
added 2023/04/25 4:25 p.m.6 views

CVE-2023-26058

creationtimestamp| type| source ---|---|--- 2023-04-25 16:25:13+00:00| seen| https://t.me/cibsecurity/62798...

6.5CVSS6.3AI score0.00486EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/25 12:0 a.m.9 views

CVE-2023-26058

An XXE issue was discovered in Nokia NetAct before 22 FP2211 via an XML document to a Performance Manager page. Input validation and a proper XML parser configuration are missing. For an external attacker, it is very difficult to exploit this, because a few dynamically created parameters such as...

6.5CVSS6.5AI score0.00486EPSS
Exploits0References2
CVE
CVE
added 2023/04/25 12:0 a.m.47 views

CVE-2023-26058

CVE-2023-26058 – Nokia NetAct XXE : Multiple sources confirm an XML External Entity vulnerability in Nokia NetAct prior to 22 FP2211, exploitable via an XML document to a Performance Manager page. The root cause is missing input validation and improper XML parser configuration. Impact is describe...

6.5CVSS6.4AI score0.00486EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/01/19 3:26 a.m.11 views

CVE-2021-26058

...

Exploits0
CVE
CVE
added 2022/01/19 3:26 a.m.39 views

CVE-2021-26058

CVE-2021-26058 is rejected and not used; it does not represent an active vulnerability entry.

7.3AI score
Exploits0
CVE
CVE
added 1976/01/01 12:0 a.m.41 views

CVE-2022-26058

This CVE entry is rejected/not used and does not represent an active vulnerability entry.

6.7AI score
Exploits0
Rows per page
Query Builder