1026 matches found
CVE-2025-11027 givanz Vvveb SVG File cross site scripting
A vulnerability was identified in givanz Vvveb up to 1.0.7.2. Affected by this issue is some unknown functionality of the component SVG File Handler. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit is publicly available and might be used. Once aga...
CVE-2025-11026
A vulnerability was determined in givanz Vvveb up to 1.0.7.2. Affected by this vulnerability is an unknown functionality of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The exploit has been publicly disclosed and...
CVE-2025-11026
A vulnerability was determined in givanz Vvveb up to 1.0.7.2. Affected by this vulnerability is an unknown functionality of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The exploit has been publicly disclosed and...
CVE-2025-11026
Summary: CVE-2025-11026 affects givanz Vvveb up to 1.0.7.2, specifically a flaw in the Configuration File Handler that can lead to information disclosure. The vulnerability description indicates remote initiation and that the exploit has been publicly disclosed. The root cause is tied to mis-hand...
CVE-2025-11026 givanz Vvveb Configuration File information disclosure
A vulnerability was determined in givanz Vvveb up to 1.0.7.2. Affected by this vulnerability is an unknown functionality of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The exploit has been publicly disclosed and...
PT-2025-39655
Name of the Vulnerable Software and Affected Versions givanz Vvveb versions up to 1.0.7.2 Description A cross-site scripting issue exists in the SVG File Handler component. This manipulation can be launched remotely. The exploit is publicly available. Recommendations Update to a version beyond...
Vvveb 安全漏洞
Vvveb is a powerful and easy-to-use CMS from Givan Individual Developers for building websites, blogs or e-commerce stores. A security vulnerability exists in Vvveb version 1.0.7.2 and earlier, which stems from an unknown functionality issue in the component SVG File Handler that could lead to...
PT-2025-39649
Name of the Vulnerable Software and Affected Versions givanz Vvveb versions up to 1.0.7.2 Description A flaw exists within the Configuration File Handler component that can lead to information disclosure. The issue is potentially exploitable remotely. The exploit has been publicly disclosed...
GHSA-9X36-C74V-FGR6 ml-logger file handler allows reading arbitrary files
A security flaw has been discovered in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this issue is the function streamhandler of the file mllogger/server.py of the component File Handler. Performing manipulation of the argument key results in information disclosure...
ml-logger file handler allows reading arbitrary files
A security flaw has been discovered in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this issue is the function streamhandler of the file mllogger/server.py of the component File Handler. Performing manipulation of the argument key results in information disclosure...
CVE-2025-10952
A security flaw has been discovered in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this issue is the function streamhandler of the file mllogger/server.py of the component File Handler. Performing manipulation of the argument key results in information disclosure...
PT-2025-39407
Name of the Vulnerable Software and Affected Versions geyang ml-logger versions prior to acf255bade5be6ad88d90735c8367b28cbe3a743 Description A security flaw exists in geyang ml-logger. The issue resides in the stream handler function within the ml logger/server.py file of the File Handler...
ML-Logger 访问控制错误漏洞
ML-Logger is a logger, server and visualization dashboard for machine learning projects by Ge Yang Personal Developer. An access control error vulnerability exists in ML-Logger acf255bade5be6ad88d90735c8367b28cbe3a743 and prior versions, which stems from an incorrect manipulation of the parameter...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the logoNavbar or logoLogin arguments in the SVG File Handler component of the /admin path. An attacker can inject and execute arbitrary scripts by supplying crafted input to these arguments. Details...
GHSA-4C44-R8RM-3P39 Mangati NovoSGA XSS vulnerability in /admin
A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is...
Mangati NovoSGA XSS vulnerability in /admin
A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is...
CVE-2025-10909
A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is...
CVE-2025-10909 Mangati NovoSGA SVG File admin cross site scripting
A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is...
CVE-2025-10909 Mangati NovoSGA SVG File admin cross site scripting
A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is...
CVE-2025-10909
Mangati NovoSGA (versions up to 2.2.9) is affected by a Cross-site Scripting (XSS) vulnerability in the SVG File Handler, specifically via manipulation of the logoNavbar/logoLogin arguments in the /admin path. The issue can be exploited remotely; multiple sources report that the exploit is public...