384 matches found
CVE-2025-1983
A cross-site scripting XSS vulnerability in Ready's File Explorer upload functionality allows injection of arbitrary JavaScript code in filename. Injected content is stored on server and is executed every time a user interacts with the uploaded file...
CVE-2025-1983
CVE-2025-1983 describes an XSS in Ready_’s File Explorer upload: an attacker can inject JavaScript via the filename. The injected content is stored server-side and executes whenever a user interacts with the uploaded file. Connected sources (NVD and Red Hat CVEs) confirm the same description, ide...
CVE-2025-1983 Stored Cross-Site Scripting in Ready_
A cross-site scripting XSS vulnerability in Ready's File Explorer upload functionality allows injection of arbitrary JavaScript code in filename. Injected content is stored on server and is executed every time a user interacts with the uploaded file...
CVE-2025-1983 Stored Cross-Site Scripting in Ready_
A cross-site scripting XSS vulnerability in Ready's File Explorer upload functionality allows injection of arbitrary JavaScript code in filename. Injected content is stored on server and is executed every time a user interacts with the uploaded file...
Symfonia Ready_ 跨站脚本漏洞
Symfonia Ready is an operating system from Symfonia that builds programs for companies to use off-the-shelf modules and business applications. A cross-site scripting vulnerability exists in Symfonia Ready, which stems from insufficient input cleanup in the File Explorer upload function and could...
VulnCheck KEV: CVE-2025-24071
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network...
About Spoofing – Windows File Explorer (CVE-2025-24071) vulnerability
About Spoofing - Windows File Explorer CVE-2025-24071 vulnerability. The vulnerability is from the March Microsoft Patch Tuesday. The VM vendors didn't highlight it in their reviews. A week later, on March 18, researcher 0x6rss published a write-up and a PoC exploit. According to him, the...
The vulnerability of the Windows File Explorer driver on Windows operating systems, allowing attackers to disclose protected information
The vulnerability of the Windows File Explorer in Windows operating systems is related to the disclosure of information. Exploiting this vulnerability can allow a remote attacker to disclose protected information...
CVE-2025-24071
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-24071
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-24071
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-24071
CVE-2025-24071 affects Windows File Explorer via the .library-ms mechanism. When a user opens or extracts ZIP/RAR contents containing a crafted .library-ms, Explorer can trigger an SMB authentication to a remote server, leaking the user’s NTLM hash. No user interaction beyond extraction is requir...
CVE-2025-24071 Microsoft Windows File Explorer Spoofing Vulnerability
...
CVE-2025-24071 Microsoft Windows File Explorer Spoofing Vulnerability
...
Microsoft Windows File Explorer Spoofing Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network...
Microsoft Windows File Explorer 信息泄露漏洞
Microsoft Windows File Explorer is a file manager application from Microsoft Corporation USA. An information disclosure vulnerability exists in Microsoft Windows File Explorer. An attacker could exploit this vulnerability to obtain sensitive information. The following products and editions are...
PT-2025-10816
Name of the Vulnerable Software and Affected Versions Microsoft Windows File Explorer affected versions not specified Description A security flaw in Windows File Explorer allows attackers to capture NTLM hashed credentials when a user opens a folder containing a specially crafted .library-ms file...
VulnCheck KEV: CVE-2024-38100
Windows File Explorer Elevation of Privilege Vulnerability...
CVE-2024-55214
Local File Inclusion vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote attacker to obtain sensitive information via the file download functionality...
January 29, 2025—KB5050092 (OS Builds 22621.4830 and 22631.4830) Preview
January 29, 2025—KB5050092 OS Builds 22621.4830 and 22631.4830 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 23H2, see its update history page. Note Follow...