CVE-2016-20023

In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from the server if the correct path to a file was provided...

CVE-2016-20023

In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from the server if the correct path to a file was provided...

CVE-2016-20023

In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from the server if the correct path to a file was provided...

CKSource CKFinder 安全漏洞

CKSource CKFinder is a file management and uploading tool from CKSource, Inc. A security vulnerability exists in CKSource CKFinder versions prior to 2.5.0.1, which originates from an authenticated user being able to download arbitrary files on the server via the correct path...

PT-2025-49222

In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from the server if the correct path to a file was provided...

CVE-2016-20023

CKSource CKFinder for ASP.NET versions before 2.5.0.1 are affected. An authenticated user could download arbitrary server files by supplying the correct path, indicating an insecure path/file access mechanism. The issue impacts CKFinder’s file download functionality and could expose confidential ...

CVE-2016-20023

In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from the server if the correct path to a file was provided...

EUVD-2016-10801

In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from the server if the correct path to a file was provided...

CVE-2016-20023

In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from the server if the correct path to a file was provided...

CVE-2025-63830

CKFinder 1.4.3 is vulnerable to Cross Site Scripting XSS in the File Upload function. An attacker can upload a crafted SVG containing active content...

CVE-2025-63830

CKFinder 1.4.3 is vulnerable to Cross Site Scripting XSS in the File Upload function. An attacker can upload a crafted SVG containing active content...

CVE-2025-63830

CKFinder 1.4.3 is vulnerable to Cross Site Scripting XSS in the File Upload function. An attacker can upload a crafted SVG containing active content...

CVE-2025-63830

CKFinder 1.4.3 is vulnerable to Cross Site Scripting XSS in the File Upload function. An attacker can upload a crafted SVG containing active content...

CVE-2025-63830

CKFinder 1.4.3 is affected by a Cross Site Scripting (XSS) vulnerability in the File Upload feature. An attacker can upload a crafted SVG that contains active content, potentially executing script in the context of a user’s browser. This affects the CKFinder 1.4.3 release as described across mult...

PT-2025-46989

Name of the Vulnerable Software and Affected Versions CKFinder version 1.4.3 Description CKFinder 1.4.3 is susceptible to a Cross Site Scripting XSS issue within the File Upload function. An attacker can exploit this by uploading a specially crafted SVG file containing active content. The...

CKFinder 安全漏洞

CKFinder is an intelligent WYSIWYG editor component with collaborative editing capabilities. A security vulnerability exists in CKFinder version 1.4.3, which stems from a cross-site scripting vulnerability in the file upload feature that could lead to the upload of malicious SVG files...

CVE-2025-63830

CKFinder 1.4.3 is vulnerable to Cross Site Scripting XSS in the File Upload function. An attacker can upload a crafted SVG containing active content...

EUVD-2019-6773

Malware in sbrugna...

EUVD-2019-6802

Malware in sbrugna...

@ckeditor/ckeditor5-adapter-ckfinder (>=46.0.0 <=46.0.2-alpha.1), @ckeditor/ckeditor5-ai (>=46.0.0 <=46.0.2-alpha.1) +89 more potentially affected by CVE-2025-58064 via @ckeditor/ckeditor5-clipboard (>=46.0.0 <=46.0.2)

@ckeditor/ckeditor5-clipboard NPM version =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.2-alpha.1 and more Source cves: CVE-2025-58064 Source advisory: SNYK:JS-CKEDITORCKEDITOR5CLIPBOARD-124851...