16 matches found
CVE-2024-27665
Unifiedtransform v2.X is vulnerable to Stored Cross-Site Scripting XSS via file upload feature in Syllabus module...
CVE-2022-27665
Reflected XSS via AngularJS sandbox escape expressions exists in Progress Ipswitch WSFTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add fold...
CVE-2025-27665
Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient Antivirus Protection and thus drivers can have known malicious code OVE-20230524-0009...
CVE-2025-27665
creationtimestamp| type| source ---|---|--- 2025-03-06 00:00:27+00:00| seen| https://bsky.app/profile/vulnalerts.bsky.social/post/3ljo6scrwmi2p 2025-03-06 12:00:20+00:00| seen| https://bsky.app/profile/vulnalerts.bsky.social/post/3ljpgzqng7n2u...
CVE-2025-27665
Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient Antivirus Protection and thus drivers can have known malicious code OVE-20230524-0009...
CVE-2024-27665
Unifiedtransform v2.X is vulnerable to Stored Cross-Site Scripting XSS via file upload feature in Syllabus module...
CVE-2024-27665
Unifiedtransform v2.X is vulnerable to Stored Cross-Site Scripting XSS via file upload feature in Syllabus module...
CVE-2024-27665
CVE-2024-27665 affects Unifiedtransform v2.X, with a Stored Cross-Site Scripting (XSS) vulnerability via the Syllabus module’s file upload feature. The Red Hat/NVD/CVE records confirm the XSS flaw; PT-Security describes the issue for Unifiedtransform v2.X and notes a lack of public technical deta...
Exploit for CVE-2024-27665
CVE-2024-27665 Unifiedtransform v2.X is vulnerable to Stored...
CVE-2022-27665
creationtimestamp| type| source ---|---|--- 2023-04-03 18:24:48+00:00| seen| https://t.me/cibsecurity/61321 2023-04-03 19:37:39+00:00| seen| Telegram/oPUj-zAzjDG7kuWxYWwauEPreuS85m3IgFVDE944fR-1Tw...
CVE-2022-27665
Summary (CVE-2022-27665): Progress Ipswitch WS_FTP Server 8.6.0 is affected by a reflected XSS vulnerability via AngularJS sandbox escape expressions, allowing an attacker to trigger client-side code by submitting crafted input in the subdirectory search bar or Add folder filename fields. The iss...
CVE-2022-27665
Reflected XSS via AngularJS sandbox escape expressions exists in Progress Ipswitch WSFTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add fold...
CVE-2021-27665
creationtimestamp| type| source ---|---|--- 2021-10-11 20:24:53+00:00| seen| https://t.me/cibsecurity/30359...
CVE-2021-27665
CVE-2021-27665 affects exacqVision Server 32-bit (Johnson Controls) with an integer overflow vulnerability exploitable remotely by an unauthenticated attacker via a specially crafted script to cause a denial-of-service. The issue, tracked across multiple sources, is rated CVSS v3.1 base 7.5 (HIGH...
@koj/strapi (>=0.0.0 <=1.4.0) potentially affected by CVE-2020-27665 via strapi-plugin-content-type-builder (=3.1.6)
strapi-plugin-content-type-builder NPM version =3.1.6 is affected by a known vulnerability. The following packages have a transitive dependency on strapi-plugin-content-type-builder and may be impacted: - @koj/strapi =0.0.0, =1.4.0 Source cves: CVE-2020-27665 Source advisory: OSV:GHSA-4P55-XJ37-F...
CVE-2020-27665
CVE-2020-27665 affects Strapi before 3.2.5, where the admin::hasPermissions restriction is not enforced for CTB (content-type-builder) routes. The root cause is missing authorization controls on CTB routes, enabling potential unauthorized access to resources via CTB endpoints. Public details in c...