51 matches found
CVE-2025-65837
PublicCMS V5.202506.b is vulnerable to Cross Site Scripting XSS in the Content Search module...
CVE-2025-65837
PublicCMS V5.202506.b is vulnerable to Cross Site Scripting XSS in the Content Search module...
CVE-2025-65837
PublicCMS V5.202506.b is vulnerable to Cross Site Scripting XSS in the Content Search module...
PublicCMS 安全漏洞
PublicCMS is an open source content management system CMS written in Java language by PublicCMS China. A security vulnerability exists in PublicCMS version V5.202506.b. The vulnerability stems from the content search module being susceptible to cross-site scripting attacks...
PT-2025-52683
Name of the Vulnerable Software and Affected Versions PublicCMS version 5.202506.b Description PublicCMS version 5.202506.b has a Cross Site Scripting XSS issue in the Content Search module. The issue allows for the injection of malicious scripts through the Content Search functionality. The...
CVE-2025-65837
PublicCMS V5.202506.b is vulnerable to Cross Site Scripting XSS in the Content Search module...
CVE-2025-65837
PublicCMS V5.202506.b is vulnerable to Cross Site Scripting (XSS) in the Content Search module. The connected documents consistently identify the vulnerable component as the Content Search feature and describe the root cause as an XSS vulnerability. Reported CVSS v3.1 base score is 5.4 (MEDIUM) w...
CVE-2025-65837
PublicCMS V5.202506.b is vulnerable to Cross Site Scripting XSS in the Content Search module...
Adobe Experience Manager (AEM) CRX Search Endpoint Exposure
The remote Adobe Experience Manager AEM CRX search endpoint is accessible. These endpoints provide potential attackers with access to search functionalities, which could be exploited to discover sensitive internal resources. No source data...
EUVD-2018-11524
Malware in sbrugna...
SUSE CVE-2025-4981
Mattermost versions 10.5.x = 10.5.5, 9.11.x = 9.11.15, 10.8.x = 10.8.0, 10.7.x = 10.7.2, 10.6.x = 10.6.5 fail to sanitize filenames in the archive extractor which allows authenticated users to write files to arbitrary locations on the filesystem via uploading archives with path traversal sequence...
CVE-2025-3835
Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote code execution in the Content Search module...
CVE-2025-3835
Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote code execution in the Content Search module...
CVE-2025-3835
Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote code execution in the Content Search module...
CVE-2025-3835 Remote Code Execution
Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote code execution in the Content Search module...
CVE-2025-3835
CVE-2025-3835 affects Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and earlier, with a Remote Code Execution vulnerability in the Content Search module. Public notes from multiple sources (NVD/Red Hat/Nessus entry) confirm the affected product and version range and describe RCE in t...
PT-2025-24419 · Zohocorp · Zoho Manageengine Exchange Reporter Plus
Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior Description: The issue concerns remote code execution in the Content Search module. It is related to the CWE-434 Unrestricted Upload of File with Dangerous Type. Remote code...
Google Eyes User Browsing Data Search in New Patent Filing
Tech giant Google may soon help users find content they've previously seen, not by searching the web but by scanning their own digital history...
BEC-ware the phish (part 1). Investigating incidents in M365
TL;DR Review the key artefacts to ensure the best possible telemetry is available in the case of a Business Email Compromise BEC. Keep an eye on data retention, where necessary export or forward data for investigations longer than 30 days. Verify and enable Unified Audit Logging, its free and giv...
Security Bulletin: FileNet Content Manager (FNCM) FileNet Content Search Services (CSS) ThoughtWorks XStream security vulnerabilities, affected, not vulnerable
Summary Security vulnerability in FileNet Content Manager FNCM FileNet Content Search Services CSS ThoughtWorks XStream, affected, not vulnerable. Vulnerability Details CVEID:CVE-2022-41966 DESCRIPTION: XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow. By...