13 matches found
CVE-2024-29474
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the User Management module...
CVE-2021-29474
HedgeDoc (formerly known as CodiMD) is an open-source collaborative markdown editor. An attacker can read arbitrary .md files from the server's filesystem due to improper input validation, which results in the ability to perform a relative path traversal. To verify if you are affected, you can t...
CVE-2024-29474
OneBlog v2.3.4 contains a stored cross-site scripting (XSS) vulnerability in the User Management module. The root cause is a lack of proper filtering/escaping of user-supplied data, enabling arbitrary web script or HTML execution. Affected version: OneBlog 2.3.4. Documents do not provide exploita...
CVE-2023-29474
creationtimestamp | type | source
---|---|---
2023-04-07 04:38:08+00:00 | seen | https://t.me/cibsecurity/61623...
CVE-2023-29474
inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23552...
CVE-2023-29474
inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23552...
CVE-2023-29474
inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23552...
CVE-2023-29474
CVE-2023-29474 affects Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform (10 R1 to 10 R1.34.3). An unauthenticated attacker can execute arbitrary commands on the platform OS, achieving administrative access (OSFOURK-23552). Mitigated by upgrading to OpenScape 4000 version 10 ...
CVE-2022-29474
creationtimestamp | type | source
---|---|---
2022-05-05 20:42:40+00:00 | seen | https://t.me/cibsecurity/42022...
CVE-2022-29474
Summary of CVE-2022-29474 (F5 BIG-IP iControl SOAP directory traversal)
Vulnerability: A directory traversal in iControl SOAP allows an authenticated user with at least guest privileges to read wsdl files from the BIG-IP filesystem.
Affected products/versions (as cited by multiple sources): BIG-I...
CVE-2021-29474
CVE-2021-29474 affects HedgeDoc (CodiMD). The vulnerability allows a relative path traversal via improper input validation in the note creation flow: a URL-encoded alias is passed through the router into noteController.showNote, then into findNote/parseNoteId, ultimately using a possibly unva...
CVE-2020-29474
EGavilan Media EGM Address Book 1.0 contains a SQL injection vulnerability. An attacker can gain Admin Panel access using malicious SQL injection queries to perform remote arbitrary code execution...
CVE-2020-29474
CVE-2020-29474 affects EGavilan Media EGM Address Book 1.0. A SQL injection vulnerability allows an attacker to gain Admin Panel access and perform remote arbitrary code execution. Publicly available exploits (e.g., Exploit-DB) exist per references in the records.