Lucene search
K

5 matches found

Cvelist
Cvelist
added 2025/11/01 2:42 a.m.8 views

CVE-2025-62275

Blogs in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions does not check permission of images in a blog entry, which allows remote attackers ...

6.9CVSS0.00267EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/23 12:0 a.m.6 views

Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

6.9CVSS6.4AI score0.00384EPSS
Exploits0References1
OSV
OSV
added 2025/08/22 5:15 p.m.6 views

CVE-2025-55621

An Insecure Direct Object Reference IDOR vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access and download other users' profile photos via a crafted URL. NOTE: this is disputed by the Supplier because it is intentional behavior; the photos are part of a social...

6.5CVSS5.8AI score0.00222EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/08/01 2:15 p.m.2 views

CVE-2023-39108

rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery SSRF via the pathb parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs...

8.8CVSS7.5AI score0.02965EPSS
Exploits1References3
Exploit DB
Exploit DB
added 2001/02/12 12:0 a.m.36 views

carey internets services commerce.cgi 2.0.1 - Directory Traversal

source: https://www.securityfocus.com/bid/2361/info It is possible for a remote user to gain read access to directories and files outside the root directory of Carey Internet Services Commerce.cgi. Requesting a specially crafted URL composed of '/../%00' along with the known filename or directory...

7.4AI score
Exploits0
Rows per page
Query Builder