Lucene search
K

53 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-5471

Malware in sbrugna...

9CVSS7AI score0.0527EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-9127

Malware in sbrugna...

5CVSS6.4AI score0.02008EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-5469

Malware in sbrugna...

9.8CVSS9.5AI score0.03014EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-10251

Malware in sbrugna...

6.1CVSS6.3AI score0.00853EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-9126

Malware in sbrugna...

6.4CVSS6.4AI score0.04049EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-29624

Malware in sbrugna...

5.4CVSS5.4AI score0.02676EPSS
Exploits5References5
RedhatCVE
RedhatCVE
added 2025/05/23 11:38 a.m.4 views

CVE-2025-0557

A vulnerability classified as problematic has been found in Hyland Alfresco Community Edition and Alfresco Enterprise Edition up to 6.2.2. This affects an unknown part of the file /share/s/ of the component URL Handler. The manipulation leads to cross site scripting. It is possible to initiate th...

6.9CVSS6.2AI score0.00571EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:11 p.m.7 views

CVE-2020-8778

Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 rb65251d6-b368 has XSS via an uploaded document, when the attacker has write access to a project...

5.4CVSS5.8AI score0.02621EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:16 p.m.7 views

CVE-2020-18327

Cross Site Scripting XSS vulnerability exists in Alfresco Alfresco Community Edition v5.2.0 via the action parameter in the alfresco/s/admin/admin-nodebrowser API. Fixed in v6.2...

6.1CVSS6AI score0.00853EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 1:46 p.m.8 views

CVE-2014-9302

Server-side request forgery SSRF vulnerability in the cmisbrowser servlet in Content Management Interoperability Service CMIS in Alfresco Community Edition 5.0.a and earlier allows remote attackers to trigger outbound requests via a crafted URI in the url parameter...

5CVSS7AI score0.02008EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:44 p.m.12 views

CVE-2014-9301

Server-side request forgery SSRF vulnerability in the proxy servlet in Alfresco Community Edition before 5.0.a allows remote attackers to trigger outbound requests to intranet servers, conduct port scans, and read arbitrary files via a crafted URI in the endpoint parameter...

6.4CVSS7.1AI score0.04049EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 a.m.14 views

CVE-2019-14222

An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authenticate to Alfresco's Solr Web Admin Interface. The vulnerability is due to the presence of a default private key that is present in all default installations. An attacker...

9.8CVSS7AI score0.03014EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:7 a.m.9 views

CVE-2019-14224

An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to achieve remote code execution on the victim machine. The attacker must upload malicious Solr...

9CVSS7.9AI score0.0527EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:7 a.m.9 views

CVE-2019-14223

An issue was discovered in Alfresco Community Edition versions below 5.2.6, 6.0.N and 6.1.N. The Alfresco Share application is vulnerable to an Open Redirect attack via a crafted POST request. By manipulating the POST parameters, an attacker can redirect a victim to a malicious website over any...

6.1CVSS6.6AI score0.04474EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:40 a.m.8 views

CVE-2014-9300

Cross-site request forgery CSRF vulnerability in the cmisbrowser servlet in Content Management Interoperability Service CMIS in Alfresco Community Edition before 5.0.a allows remote attackers to hijack the authentication of users for requests that access unauthorized URLs and obtain user...

6.8CVSS7.5AI score0.00628EPSS
Exploits1References1
OSV
OSV
added 2024/03/06 10:51 a.m.16 views

BIT-ALFRESCO-2020-18327

Cross Site Scripting XSS vulnerability exists in Alfresco Alfresco Community Edition v5.2.0 via the action parameter in the alfresco/s/admin/admin-nodebrowser API. Fixed in v6.2...

6.1CVSS6AI score0.00853EPSS
Exploits1References2
OSV
OSV
added 2024/03/06 10:50 a.m.16 views

BIT-ALFRESCO-2020-8777

Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 rb65251d6-b368 has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document...

5.4CVSS5.1AI score0.0317EPSS
Exploits5References3
BDU FSTEC
BDU FSTEC
added 2024/01/12 12:0 a.m.4 views

The vulnerability of the folder.get.html.ftl component of the Hyland Alfresco Community Edition system allows a intruder to execute arbitrary code.

The vulnerability of the folder.get.html.ftl component in the Hyland Alfresco Community Edition system exists due to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS8AI score0.34684EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/12/11 8:15 a.m.3 views

CVE-2023-49964

An issue was discovered in Hyland Alfresco Community Edition through 7.2.0. By inserting malicious content in the folder.get.html.ftl file, an attacker may perform SSTI Server-Side Template Injection attacks, which can leverage FreeMarker exposed objects to bypass restrictions and achieve RCE...

9CVSS7.3AI score0.34684EPSS
Exploits1References3
NVD
NVD
added 2023/12/11 8:15 a.m.17 views

CVE-2023-49964

An issue was discovered in Hyland Alfresco Community Edition through 7.2.0. By inserting malicious content in the folder.get.html.ftl file, an attacker may perform SSTI Server-Side Template Injection attacks, which can leverage FreeMarker exposed objects to bypass restrictions and achieve RCE...

8.8CVSS0.34684EPSS
Exploits1References2
Rows per page
Query Builder