Lucene search
K

44 matches found

Positive Technologies
Positive Technologies
added 2024/11/26 12:0 a.m.5 views

PT-2024-35793 · Spip · Spip

Name of the Vulnerable Software and Affected Versions: SPIP version 4.3.3 Description: The issue concerns an authenticated arbitrary file upload vulnerability in the Documents module. This allows attackers to execute arbitrary code by uploading a crafted PDF file. There is no information provided...

6.3CVSS7.8AI score0.00545EPSS
Exploits1References6
CNNVD
CNNVD
added 2024/11/26 12:0 a.m.5 views

SPIP 安全漏洞

SPIP is a free software for creating Internet sites from the SPIP open source. A security vulnerability exists in SPIP v4.3.3, which originates from an authenticated arbitrary file upload vulnerability in the Documents module...

6.3CVSS6.7AI score0.00545EPSS
Exploits1References1
CVE
CVE
added 2024/11/26 12:0 a.m.63 views

CVE-2024-53619

CVE-2024-53619 concerns an authenticated arbitrary file upload in the Documents module of SPIP v4.3.3 that can lead to arbitrary code execution via a crafted PDF upload. The incident is consistently described across multiple sources as affecting SPIP 4.3.3 with an authenticated file upload path, ...

6.3CVSS7.7AI score0.00545EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/11/26 12:0 a.m.18 views

CVE-2024-53619

An authenticated arbitrary file upload vulnerability in the Documents module of SPIP v4.3.3 allows attackers to execute arbitrary code via uploading a crafted PDF file...

0.00545EPSS
Exploits1References1
OSV
OSV
added 2024/03/06 11:11 a.m.10 views

BIT-SUITECRM-2020-15300

SuiteCRM through 7.11.13 has an Open Redirect in the Documents module via a crafted SVG document...

6.1CVSS6.2AI score0.00699EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2024/01/11 12:0 a.m.9 views

The vulnerability of the Documents module in the ABO.CMS system allows a perpetrator to execute arbitrary code.

The vulnerability of the Documents module in the ABO.CMS system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

7.5CVSS8.2AI score0.00829EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/01/06 5:15 a.m.5 views

CVE-2023-46953

SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module...

9.8CVSS6.2AI score0.00829EPSS
Exploits0References1
NVD
NVD
added 2024/01/06 5:15 a.m.12 views

CVE-2023-46953

SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module...

9.8CVSS9.9AI score0.00829EPSS
Exploits0References1
Prion
Prion
added 2024/01/06 5:15 a.m.14 views

Sql injection

SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module...

7.5CVSS9.3AI score0.00829EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/06 12:0 a.m.16 views

CVE-2023-46953

SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module...

10AI score0.00829EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/10/25 12:0 a.m.6 views

PT-2023-8180 · Abo.Cms · Abo.Cms

Name of the Vulnerable Software and Affected Versions: ABO.CMS version 5.9.3 Description: The issue is related to a SQL Injection vulnerability in the Documents module of ABO.CMS, which allows remote attackers to execute arbitrary code via the d parameter. This vulnerability is due to the lack of...

9.8CVSS9.7AI score0.00829EPSS
Exploits0References10
CNVD
CNVD
added 2020/12/23 12:0 a.m.3 views

Odoo Cross-Site Scripting Vulnerability (CNVD-2020-73762)

Odoo is an open source enterprise management suite , its features cover CRM, sales, purchasing, inventory management , manufacturing , quality management , HR full-featured , financial management , project management , PLM and a series of perfect enterprise information needs . A cross-site...

7.1CVSS6.1AI score0.0088EPSS
Exploits0References1
CNNVD
CNNVD
added 2020/12/22 12:0 a.m.8 views

Odoo 跨站脚本漏洞

Odoo is an open source enterprise management suite , its features cover CRM, sales, purchasing, inventory management , manufacturing , quality management , HR full-featured , financial management , project management , PLM and a series of perfect enterprise information needs . A cross-site...

7.1CVSS6.8AI score0.0088EPSS
Exploits0References2
CNVD
CNVD
added 2020/11/19 12:0 a.m.3 views

SuiteCRM Open Redirect Vulnerability

SuiteCRM is a free open source customer relationship management application. An open redirection vulnerability exists in the Documents module in SuiteCRM 7.11.13 and earlier versions. An attacker can exploit this vulnerability to redirect users to arbitrary URLs via specially crafted SVG document...

6.1CVSS6.9AI score0.00699EPSS
Exploits1References1
NVD
NVD
added 2020/11/18 10:15 p.m.10 views

CVE-2020-15300

SuiteCRM through 7.11.13 has an Open Redirect in the Documents module via a crafted SVG document...

6.1CVSS6.2AI score0.00699EPSS
Exploits1References1
OSV
OSV
added 2020/11/18 10:15 p.m.15 views

CVE-2020-15300

SuiteCRM through 7.11.13 has an Open Redirect in the Documents module via a crafted SVG document...

6.1CVSS6.8AI score
Exploits0References1
Prion
Prion
added 2020/11/18 10:15 p.m.22 views

Open redirect

SuiteCRM through 7.11.13 has an Open Redirect in the Documents module via a crafted SVG document...

5.8CVSS6.2AI score0.00699EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/11/18 9:6 p.m.22 views

CVE-2020-15300

SuiteCRM through 7.11.13 has an Open Redirect in the Documents module via a crafted SVG document...

6.2AI score0.00699EPSS
Exploits1References1
CVE
CVE
added 2020/11/18 9:6 p.m.62 views

CVE-2020-15300

CVE-2020-15300 affects SuiteCRM up to version 7.11.13, with an Open Redirect in the Documents module triggered by a crafted SVG document. The underlying issue is an input/redirect handling weakness in the Documents feature, enabling a user-assisted redirect to an arbitrary URL. Impact is describe...

6.1CVSS6.1AI score0.00699EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2020/11/18 12:0 a.m.7 views

SuiteCRM 输入验证错误漏洞

SuiteCRM is a free open source customer relationship management application. An open redirection vulnerability exists in the Documents module in SuiteCRM 7.11.13 and earlier versions. An attacker can exploit this vulnerability to redirect users to arbitrary URLs via specially crafted SVG document...

6.1CVSS6.5AI score0.00699EPSS
Exploits1References2
Rows per page
Query Builder