Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-7008

Malware in sbrugna...

5.4CVSS5.6AI score0.00624EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/01 11:2 a.m.3 views

CVE-2025-9775 RemoteClinic edit-my-profile.php unrestricted upload

A vulnerability was found in RemoteClinic up to 2.0. Impacted is an unknown function of the file /staff/edit-my-profile.php. The manipulation of the argument image results in unrestricted upload. The attack may be launched remotely. The exploit has been made public and could be used...

7.5CVSS6.5AI score0.0049EPSS
Exploits1References4
CVE
CVE
added 2025/09/01 11:2 a.m.20 views

CVE-2025-9775

CVE-2025-9775 affects RemoteClinic up to version 2.0. The vulnerability is in the file /staff/edit-my-profile.php where the image parameter can be manipulated to achieve unrestricted file upload. Attacks may be launched remotely, and the exploit has been publicly disclosed. Several connected sour...

9.8CVSS7.2AI score0.0049EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/01 12:0 a.m.4 views

PT-2025-35475

Name of the Vulnerable Software and Affected Versions: RemoteClinic versions up to 2.0 Description: A vulnerability exists in RemoteClinic that allows for unrestricted file upload. The issue is located in the /staff/edit-my-profile.php file, impacting an unknown function. The image argument can b...

9.8CVSS7AI score0.0049EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2025/05/22 4:45 a.m.5 views

CVE-2019-16193

In ArcGIS Enterprise 10.6.1, a crafted IFRAME element can be used to trigger a Cross Frame Scripting XFS attack through the EDIT MY PROFILE feature...

5.4CVSS6.5AI score0.00624EPSS
Exploits0References1
Prion
Prion
added 2023/11/07 3:15 p.m.20 views

Design/Logic Flaw

RemoteClinic 2.0 contains a critical vulnerability chain that can be exploited by a remote attacker with low-privileged user credentials to create admin users, escalate privileges, and execute arbitrary code on the target system via a PHP shell. The vulnerabilities are caused by a lack of input...

6.5CVSS8.6AI score0.0193EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2021/11/05 4:15 p.m.2 views

CVE-2021-39416

Multiple Cross Site Scripting XSS vulnerabilities exists in Remote Clinic v2.0 in 1 patients/register-patient.php via the a Contact, b Email, c Weight, d Profession, e refcontact, f address, g gender, h age, and i serial parameters; in 2 patients/edit-patient.php via the a Contact, b Email, c...

6.1CVSS5.8AI score
Exploits0References3
OSV
OSV
added 2019/09/11 12:15 p.m.3 views

CVE-2019-16193

In ArcGIS Enterprise 10.6.1, a crafted IFRAME element can be used to trigger a Cross Frame Scripting XFS attack through the EDIT MY PROFILE feature...

5.4CVSS6AI score0.00624EPSS
Exploits0References1
Prion
Prion
added 2019/09/11 12:15 p.m.21 views

Cross site scripting

In ArcGIS Enterprise 10.6.1, a crafted IFRAME element can be used to trigger a Cross Frame Scripting XFS attack through the EDIT MY PROFILE feature...

3.5CVSS5.3AI score0.00624EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/09/11 11:53 a.m.24 views

CVE-2019-16193

In ArcGIS Enterprise 10.6.1, a crafted IFRAME element can be used to trigger a Cross Frame Scripting XFS attack through the EDIT MY PROFILE feature...

5.3AI score0.00624EPSS
Exploits0References1
CVE
CVE
added 2019/09/11 11:53 a.m.50 views

CVE-2019-16193

CVE-2019-16193 affects ArcGIS Enterprise 10.6.1. A crafted IFRAME can trigger a Cross Frame Scripting (XFS) attack via the EDIT MY PROFILE feature. Public records (NVD) cite CVSS v2 base 3.5 (LOW) and CVSS v3.1 base 5.4 (MEDIUM); attack vector: NETWORK, user interaction required (CVSS3.1), and pa...

5.4CVSS5.3AI score0.00624EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder