46 matches found

Vulnrichment • added 2026/01/02 1:32 a.m. • 4 views

CVE-2025-15422 EmpireSoft EmpireCMS IP Address connect.php egetip protection mechanism

A flaw has been found in EmpireSoft EmpireCMS up to 8.0. This issue affects the function egetip of the file e/class/connect.php of the component IP Address Handler. This manipulation causes protection mechanism failure. The attack may be initiated remotely. The exploit has been published and may ...

CVSS 6.9 • AI score 6.3 • EPSS 0.01066 • Exploits 1 • References 5

Positive Technologies • added 2026/01/02 12:0 a.m. • 5 views

PT-2026-1039

Name of the Vulnerable Software and Affected Versions EmpireSoft EmpireCMS versions up to 8.0 Description A security issue exists in EmpireSoft EmpireCMS related to the IP Address Handler component. The issue resides in the egetip function within the e/class/connect.php file. This flaw results in...

CVSS 7.5 • AI score 6.1 • EPSS 0.01066 • Exploits 1 • References 12

CNNVD • added 2025/12/11 12:0 a.m. • 3 views

uCrop code issue vulnerability

uCrop is an Android image cropping library open-sourced by Yalantis. A code issue vulnerability exists in uCrop version 2.2.11, which stems from a flaw in the function downloadFile in the file com.yalantis.ucrop.task.BitmapLoadTask.java of the component URL Handler, which could lead to server-sid...

CVSS 8.8 • AI score 6.5 • EPSS 0.00388 • Exploits 1 • References 5

Positive Technologies • added 2025/12/11 12:0 a.m. • 6 views

PT-2025-50608

A vulnerability was found in Yalantis uCrop 2.2.11. Affected by this issue is the function downloadFile of the file com.yalantis.ucrop.task.BitmapLoadTask.java of the component URL Handler. Performing manipulation results in server-side request forgery. The attack may be initiated remotely. The...

CVSS 6.5 • AI score 6.6 • EPSS 0.00388 • Exploits 1 • References 6

EUVD • added 2025/10/13 12:30 a.m. • 6 views

EUVD-2025-33913

A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. Impacted is an unknown function of the file TFFQDN.json of the component GATT Interface URL Handler. Such manipulation leads to server-side request forgery. The attack may be performed from remote. Attacks of this nature are high...

CVSS 6.3 • AI score 5.8 • EPSS 0.00416 • Exploits 1 • References 5

EUVD • added 2025/10/06 10:32 a.m. • 4 views

EUVD-2025-32528

A vulnerability was determined in CmsEasy up to 7.7.7. This affects an unknown function in the library lib/inc/view.php of the component URL Handler. Executing manipulation of the argument PHPSELF can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly...

CVSS 5.1 • AI score 5.1 • EPSS 0.00269 • Exploits 1 • References 5

EUVD • added 2025/10/03 8:7 p.m. • 8 views

EUVD-2024-46353

Malicious code in bioql PyPI...

CVSS 6.9 • AI score 5.6 • EPSS 0.00626 • Exploits 0 • References 4

OSV • added 2025/09/05 6:15 p.m. • 5 views

CVE-2025-10014

A flaw has been found in elunez eladmin up to 2.7. This impacts the function updateUserEmail of the file /api/users/updateEmail/ of the component Email Address Handler. Executing manipulation of the argument id/email can lead to improper authorization. The attack may be performed from remote...

CVSS 2.3 • AI score 6.5 • Exploits 0 • References 4

CVE • added 2025/09/05 5:32 p.m. • 21 views

CVE-2025-10014

CVE-2025-10014 affects elunez eladmin up to 2.7, specifically the updateUserEmail function in the Email Address Handler at /api/users/updateEmail/. Manipulating the id/email argument can cause improper authorization, potentially allowing a remote attacker to access or modify user data. Exploitati...

CVSS 3.1 • AI score 4 • EPSS 0.00256 • Exploits 0 • References 4 • Affected Software 1

Cvelist • added 2025/09/05 5:32 p.m. • 32 views

CVE-2025-10014 elunez eladmin Email Address updateEmail updateUserEmail improper authorization

A flaw has been found in elunez eladmin up to 2.7. This impacts the function updateUserEmail of the file /api/users/updateEmail/ of the component Email Address Handler. Executing manipulation of the argument id/email can lead to improper authorization. The attack may be performed from remote...

CVSS 3.1 • EPSS 0.00256 • Exploits 0 • References 4

Positive Technologies • added 2025/09/05 12:0 a.m. • 4 views

PT-2025-36258

Name of the Vulnerable Software and Affected Versions: elunez eladmin versions up to 2.7 Description: A flaw exists in elunez eladmin that impacts the updateUserEmail function within the Email Address Handler component. Manipulation of the id/email argument in the /api/users/updateEmail/ API...

CVSS 3.1 • AI score 3.7 • EPSS 0.00256 • Exploits 0 • References 6

Cvelist • added 2025/08/15 2:32 a.m. • 11 views

CVE-2025-9003 D-Link DIR-818LW DHCP Reserved Address bsc_lan.php cross site scripting

A vulnerability has been found in D-Link DIR-818LW 1.04. This vulnerability affects unknown code of the file /bsc_lan.php of the component DHCP Reserved Address Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. This vulnerability on...

CVSS 5.1 • EPSS 0.00561 • Exploits 0 • References 4

Positive Technologies • added 2025/08/15 12:0 a.m. • 8 views

PT-2025-33434 · D Link · Dir-818Lw

Name of the Vulnerable Software and Affected Versions: D-Link DIR-818LW version 1.04 Description: A vulnerability exists in the DHCP Reserved Address Handler component of D-Link DIR-818LW version 1.04. The manipulation of the Name argument in the /bsc_lan.php file leads to cross-site scripting. T...

CVSS 5.1 • AI score 3.6 • EPSS 0.00561 • Exploits 0 • References 7

OSV • added 2025/08/05 1:15 a.m. • 5 views

CVE-2025-8535

A vulnerability, which was classified as problematic, has been found in cronoh NanoVault up to 1.2.1. This issue affects the function executeJavaScript of the file /main.js of the component xrb URL Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The...

CVSS 9 • AI score 5.5 • Exploits 0 • References 5

RedhatCVE • added 2025/05/23 8:27 a.m. • 9 views

CVE-2024-5096

A vulnerability classified as problematic was found in Hipcam Device up to 20240511. This vulnerability affects unknown code of the file /log/wifi.mac of the component MAC Address Handler. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been...

CVSS 6.9 • AI score 6.6 • EPSS 0.00626 • Exploits 0 • References 1

BDU FSTEC • added 2024/12/02 12:0 a.m. • 5 views

The vulnerability of the URL Handler component in the Zimbra Collaboration Suite email management system allows attackers to execute arbitrary code, as a result of insufficient measures taken to protect the structure of the web page.

The vulnerability of the URL Handler component in the Zimbra Collaboration Suite corporate email management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created...

CVSS 5.5 • AI score 5.9 • EPSS 0.00246 • Exploits 0 • References 5 • Affected Software 1

BDU FSTEC • added 2024/08/05 12:0 a.m. • 6 views

The vulnerability of the admin_compliance_framework function in the Group Namespace URL Handler component of the software platform based on Git, which allows a violator to modify the group’s URL address.

The vulnerability of the admin_compliance_framework function in the Group Namespace URL Handler component of the software platform based on Git for collaborative code development in GitLab is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to modi...

CVSS 6.8 • AI score 5.8 • EPSS 0.0042 • Exploits 0 • References 4 • Affected Software 1

BDU FSTEC • added 2024/07/24 12:0 a.m. • 6 views

The vulnerability of the Email Address Handler component of the software platform based on Git for collaborative code development on GitLab allows a malicious individual to gain unauthorized access to limited functions.

The vulnerability of the Email Address Handler component in the Git-based software platform, which is used for collaborative code development on GitLab, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized...

CVSS 4.3 • AI score 5.6 • EPSS 0.00469 • Exploits 0 • References 6 • Affected Software 1

BDU FSTEC • added 2024/05/31 12:0 a.m. • 6 views

The vulnerability of the URL Handler component in SAP Companion software for interactive user training allows an attacker to carry out XSS attacks.

The vulnerability of the URL Handler component in SAP Companion’s interactive user training software exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

CVSS 5.5 • AI score 5.8 • EPSS 0.00323 • Exploits 0 • References 4 • Affected Software 1

Cvelist • added 2024/05/19 2:0 a.m. • 28 views

CVE-2024-5096 Hipcam Device MAC Address wifi.mac information disclosure

A vulnerability classified as problematic was found in Hipcam Device up to 20240511. This vulnerability affects unknown code of the file /log/wifi.mac of the component MAC Address Handler. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been...

CVSS 6.9 • AI score 5.2 • EPSS 0.00626 • Exploits 0 • References 4