Lucene search

73 matches found

Circl
added 2026/03/10 4:30 a.m., 1 view

CVE-2026-3585

creationtimestamp | type | source
---|---|---
2026-03-10 04:30:28+00:00 | seen | https://infosec.exchange/users/offseq/statuses/116202997545439339
2026-03-10 16:40:37+00:00 | seen | https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3585
2026-03-10 16:40:37+00:00 | seen | ...

CVSS: 7.5, AI score: 5.7, EPSS: 0.0008
Exploits: 0, References: 2

ATTACKERKB
added 2026/03/10 3:33 a.m., 3 views

CVE-2026-3585

The The Events Calendar plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 6.15.17 via the 'ajaxcreateimport' function. This makes it possible for authenticated attackers, with Author-level access and above, to read the contents of arbitrary files on the...

CVSS: 7.5, AI score: 6, EPSS: 0.0008
Exploits: 0, References: 4

EUVD
added 2025/10/07 12:30 a.m., 0 views

EUVD-2009-4121

Malware in sbrugna...

CVSS: 5.8, AI score: 6.1, EPSS: 0.00377
Exploits: 0, References: 17

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2005-4213

Malware in sbrugna...

CVSS: 7.5, AI score: 6.4, EPSS: 0.00589
Exploits: 1, References: 4

RedhatCVE
added 2025/05/22 11:30 a.m., 7 views

CVE-2013-3585

Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent attackers to obtain sensitive information via vectors involving (1) direct access to a file or (2) the user-setup web page...

CVSS: 5, AI score: 6.4, EPSS: 0.11329
Exploits: 0, References: 1

RedhatCVE
added 2025/05/22 3:49 a.m., 4 views

CVE-2012-3585

Heap-based buffer overflow in jpegls.dll in the JpegLS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file...

CVSS: 9.3, AI score: 8.3, EPSS: 0.14665
Exploits: 4, References: 1

RedhatCVE
added 2025/04/16 9:13 p.m., 6 views

CVE-2025-3585

A vulnerability classified as critical has been found in westboy CicadasCMS 1.0. This affects an unknown part of the file /upload/ of the component JSP Parser. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...

CVSS: 8.8, AI score: 7, EPSS: 0.00065
Exploits: 1, References: 1

Circl
added 2025/04/14 8:33 p.m., 6 views

CVE-2025-3585

creationtimestamp | type | source
---|---|---
2025-04-14 20:33:50+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lmsfw57il724
2025-04-14 21:22:01+00:00 | seen | https://t.me/cvedetector/22881...

CVSS: 8.8, AI score: 6.2, EPSS: 0.00065
Exploits: 1, References: 2

NVD
added 2025/04/14 6:15 p.m., 10 views

CVE-2025-3585

A vulnerability classified as critical has been found in westboy CicadasCMS 1.0. This affects an unknown part of the file /upload/ of the component JSP Parser. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...

CVSS: 8.8, EPSS: 0.00065
Exploits: 1, References: 4

Cvelist
added 2025/04/14 6:00 p.m., 16 views

CVE-2025-3585 westboy CicadasCMS JSP Parser upload unrestricted upload

A vulnerability classified as critical has been found in westboy CicadasCMS 1.0. This affects an unknown part of the file /upload/ of the component JSP Parser. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...

CVSS: 6.5, EPSS: 0.00065
Exploits: 1, References: 4

CVE
added 2025/04/14 6:00 p.m., 76 views

CVE-2025-3585

CVE-2025-3585 affects westboy CicadasCMS 1.0. The vulnerability is due to manipulation of the File argument in the /upload/ path of the JSP Parser component, allowing unrestricted file upload. Attack is possible remotely and is described as a known/disclosed exploit. Impact details in the publi...

CVSS: 8.8, AI score: 6.5, EPSS: 0.00065
Exploits: 1, References: 4, Affected Software: 1

Vulnrichment
added 2025/04/14 6:00 p.m., 9 views

CVE-2025-3585 westboy CicadasCMS JSP Parser upload unrestricted upload

A vulnerability classified as critical has been found in westboy CicadasCMS 1.0. This affects an unknown part of the file /upload/ of the component JSP Parser. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...

CVSS: 6.5, AI score: 7, EPSS: 0.00065
Exploits: 1, References: 4

NVD
added 2024/05/02 5:15 p.m., 11 views

CVE-2024-3585

The Send PDF for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of form submissions due to a missing capability check on the hooks function in all versions up to, and including, 1.0.2.3. This makes it possible for unauthenticated attackers to download information about...

CVSS: 5.3, AI score: 5, EPSS: 0.00932
Exploits: 0, References: 3

Cvelist
added 2024/05/02 4:51 p.m., 13 views

CVE-2024-3585 Send PDF for Contact Form 7 <= 1.0.2.3 - Missing Authorization

The Send PDF for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of form submissions due to a missing capability check on the hooks function in all versions up to, and including, 1.0.2.3. This makes it possible for unauthenticated attackers to download information about...

CVSS: 5.3, AI score: 5.3, EPSS: 0.00932
Exploits: 0, References: 3

CVE
added 2024/05/02 4:51 p.m., 67 views

CVE-2024-3585

CVE-2024-3585 describes a vulnerability in the Send PDF for Contact Form 7 plugin for WordPress. It permits unauthenticated access to form submissions (including PDFs) due to a missing capability check on the hooks function in all versions up to and including 1.0.2.3, enabling information exposur...

CVSS: 5.3, AI score: 5, EPSS: 0.00932
Exploits: 0, References: 3

Patchstack
added 2024/04/24 12:00 a.m., 8 views

WordPress Send PDF for Contact Form 7 Plugin <= 1.0.2.3 is vulnerable to Broken Access Control

Software: Send PDF for Contact Form 7; Type: Plugin; Vulnerable versions: = 1.0.2.3; Fixed in: 1.0.2.4; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-3585; Patch priority: Low; CVSS severity: Low (5.3); PSID: 13d8f4997e3b; Credits: Krzysztof Zają...

CVSS: 5.3, AI score: 6.9, EPSS: 0.00932
Exploits: 0, References: 3, Affected Software: 1

NVD
added 2024/03/22 4:15 p.m., 27 views

CVE-2024-2227

This vulnerability allows access to arbitrary files in the application server file system due to a path traversal vulnerability in JavaServer Faces (JSF) 2.2.20 documented in CVE-2020-6950. The remediation for this vulnerability contained in this security fix provides additional changes to the...

CVSS: 10, AI score: 7.4, EPSS: 0.00609
Exploits: 0, References: 1

Cvelist
added 2024/03/22 3:43 p.m., 33 views

CVE-2024-2227 IdentityIQ JavaServer Faces File Path Traversal Vulnerability

This vulnerability allows access to arbitrary files in the application server file system due to a path traversal vulnerability in JavaServer Faces (JSF) 2.2.20 documented in CVE-2020-6950. The remediation for this vulnerability contained in this security fix provides additional changes to the...

CVSS: 10, AI score: 8.1, EPSS: 0.00609
Exploits: 0, References: 1

Tenable Nessus
added 2023/11/07 12:00 a.m., 22 views

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2021:3585)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:3585 advisory. - Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which in some situations allows attackers to bypa...

CVSS: 7.5, AI score: 7.1, EPSS: 0.00254
Exploits: 1, References: 3

Vulnrichment
added 2023/07/17 3:24 p.m., 12 views

CVE-2023-3585 channel DoS by sharing a boards link

Mattermost Boards fail to properly validate a board link, allowing an attacker to crash a channel by posting a specially crafted boards link...

CVSS: 4.3, AI score: 6.8, EPSS: 0.00181
Exploits: 0, References: 1