13 matches found
EUVD-2025-54959
Malicious code in deliberate-beige-bear npm...
CVE-2025-54959
creationtimestamp| type| source ---|---|--- 2025-08-08 05:55:03+00:00| seen| Telegram/6iQp09Ahis6vIlTsfC2Cnl0poLA7EOf-GQOYqZt9DcRKSkI...
CVE-2025-54959
Powered BLUE Server versions 0.20130927 and prior contain a path traversal vulnerability. If this vulnerability is exploited, an arbitrary file in the affected product may be disclosed...
CVE-2025-54959
CVE-2025-54959 affects Powered BLUE Server versions 0.20130927 and earlier. The vulnerability is a path traversal that can disclose arbitrary files in the affected product. Impact is described as possible file disclosure by an authenticated user; no exploits are detailed in the provided docs. Mit...
CVE-2025-54959
Powered BLUE Server versions 0.20130927 and prior contain a path traversal vulnerability. If this vulnerability is exploited, an arbitrary file in the affected product may be disclosed...
CVE-2025-54959
Powered BLUE Server versions 0.20130927 and prior contain a path traversal vulnerability. If this vulnerability is exploited, an arbitrary file in the affected product may be disclosed...
JVN#39636188: Multiple vulnerabilities in Mubit Powered BLUE 870
Powered BLUE 870 provided by Mubit co.,ltd. contains multiple vulnerabilities listed below. OS command injection CWE-78 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N Base Score 5.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Base Score 6.3 CVE-2025-54958 Path traversal CWE-22...
CVE-2024-54959
Nagios XI 2024R1.2.2 is vulnerable to a Cross-Site Request Forgery CSRF attack through the Favorites component, enabling POST-based Cross-Site Scripting XSS...
CVE-2024-54959
creationtimestamp| type| source ---|---|--- 2025-02-20 20:41:24+00:00| seen| https://t.me/cvedetector/18589 2025-02-20 20:51:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lin66zn53y2l...
CVE-2024-54959
Nagios XI 2024R1.2.2 is vulnerable to a Cross-Site Request Forgery CSRF attack through the Favorites component, enabling POST-based Cross-Site Scripting XSS...
CVE-2024-54959
Nagios XI 2024R1.2.2 is vulnerable to a Cross-Site Request Forgery CSRF attack through the Favorites component, enabling POST-based Cross-Site Scripting XSS...
CVE-2024-54959
Nagios XI 2024R1.2.2 is vulnerable to a Cross-Site Request Forgery CSRF attack through the Favorites component, enabling POST-based Cross-Site Scripting XSS...
Ruby on Rails 'select_tag()'方法跨站脚本执行漏洞
BUGTRAQ ID: 54959 CVE ID: CVE-2012-3463 Ruby on Rails简称RoR或Rails,是一个使用Ruby语言写的开源Web应用框架,它是严格按照MVC结构开发的。 Ruby on Rails 3.0.17之前的3.x版本、3.1.8之前的3.1.x版本、3.2.8之前的3.2.x版本内actionpack/lib/actionview/helpers/formtaghelper.rb在实现上存在XSS漏洞,可允许远程攻击者通过prompt字段注入任意Web脚本或HTML到selecttag帮助程序。 0 Ruby on Rails Ruby o...