CVE-2026-6278

creationtimestamp| type| source ---|---|--- 2026-05-07 02:20:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mla5prthjg2v...

MINI-5GV5-44CF-6278

Bulletin has no description...

CVE-2025-6278

A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerability affects the function os.path.join of the file markdown/server.py. The manipulation of the argument file.filename leads to path traversal. The exploit has been disclosed to the public and may be used...

CVE-2025-6278

A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerability affects the function os.path.join of the file markdown/server.py. The manipulation of the argument file.filename leads to path traversal. The exploit has been disclosed to the public and may be used...

CVE-2025-6278

creationtimestamp| type| source ---|---|--- 2025-06-19 20:44:35+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18879 2025-06-20 00:18:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lryr7zzacn2a...

CVE-2025-6278 Upsonic server.py os.path.join path traversal

A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerability affects the function os.path.join of the file markdown/server.py. The manipulation of the argument file.filename leads to path traversal. The exploit has been disclosed to the public and may be used...

Apache Mod_cgi Bash Environment Variable Injection (Shellshock) Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache modcgi Bash Environment Variable Injection Shellshock Scanner', 'Description' = %q This module scans for the Shellshock vulnerability, a...

CVE-2023-6278

creationtimestamp| type| source ---|---|--- 2024-01-29 16:26:19+00:00| seen| https://t.me/ctinow/175365 2024-02-03 08:16:23+00:00| seen| https://t.me/ctinow/178425 2024-02-21 16:11:33+00:00| seen| https://t.me/ctinow/189713...

CVE-2023-6278 Biteship for WooCommerce < 2.2.25 - Reflected Cross-Site Scripting

The Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo WordPress plugin before 2.2.25 does not sanitise and escape the biteshiperror and biteshipmessage parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high...

CVE-2023-6278 Biteship for WooCommerce < 2.2.25 - Reflected Cross-Site Scripting

The Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo WordPress plugin before 2.2.25 does not sanitise and escape the biteshiperror and biteshipmessage parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high...

CVE-2023-6278

CVE-2023-6278 affects the Biteship for WooCommerce WordPress plugin prior to 2.2.25. The issue is a reflected XSS caused by unsanitized and unescaped biteship_error and biteship_message parameters, displayed back on the page and exploitable against high-privilege admins. Remediation: upgrade to v...

Ubuntu: Security Advisory (USN-6278-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS : .NET vulnerabilities (USN-6278-2)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6278-2 advisory. USN-6278-1 fixed several vulnerabilities in .NET. This update provides the corresponding updates for Ubuntu 22.04 LTS. Tenable has extracted the precedin...

Ubuntu 23.04 : .NET vulnerabilities (USN-6278-1)

The remote Ubuntu 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6278-1 advisory. It was discovered that .NET did not properly handle the execution of certain commands. An attacker could possibly use this issue to achieve remote code...

Security Bulletin: IBM System Networking Products not affected by the Bash vulnerabilities (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278)

Summary IBM System Networking Products are not vulnerable to the Bash vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and the two memory corruption vulnerabilities. Vulnerability Details Abstract IBM System Networking Products are not vulnerable to the Bash vulnerabilitie...

Security Bulletin: Vulnerabilities in bash affect IBM BladeCenter Advanced Management Module (AMM)

Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in bash. Vulnerability Details Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in bash. Vulnerability Details: CVEID: CVE-2014-6277 Description: GN...

Security Bulletin: Vulnerabilities in bash affect SAN Volume Controller and Storwize Family (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)

Summary Security Bulletin: Vulnerabilities in Bash affect SAN Volume Controller and Storwize Family CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278 Vulnerability Details Security Bulletin --- Summary --- Six Bash vulnerabilities were disclosed in September...

Security Bulletin: Vulnerabilities in Bash affect IBM/Cisco Switches and Directors (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)

Summary Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and two memory corruption vulnerabilities. Bash is used by IBM/Cisco switches and directors. Vulnerability Details CVE-ID :...

Mageia: Security Advisory (MGASA-2014-0394)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2872-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...