Lucene search
+L

42 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 7:8 a.m.14 views

CVE-2024-32484

An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted flashcard can lead to JavaScript code execution and result in an arbitrary file read. An attacker can share a malicious flashcard to trigger this vulnerability...

8.2CVSS6.2AI score0.25924EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2024/07/23 2:21 a.m.3 views

SUSE CVE-2024-32484

An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted flashcard can lead to JavaScript code execution and result in an arbitrary file read. An attacker can share a malicious flashcard to trigger this vulnerability...

8.2CVSS7.1AI score0.25924EPSS
Exploits1References3
NVD
NVD
added 2024/07/22 3:15 p.m.45 views

CVE-2024-32484

An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted flashcard can lead to JavaScript code execution and result in an arbitrary file read. An attacker can share a malicious flashcard to trigger this vulnerability...

8.2CVSS0.25924EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/07/22 2:20 p.m.16 views

CVE-2024-32484

An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted flashcard can lead to JavaScript code execution and result in an arbitrary file read. An attacker can share a malicious flashcard to trigger this vulnerability...

7.4CVSS6.6AI score0.25924EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/22 2:20 p.m.46 views

CVE-2024-32484

An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted flashcard can lead to JavaScript code execution and result in an arbitrary file read. An attacker can share a malicious flashcard to trigger this vulnerability...

7.4CVSS0.25924EPSS
Exploits1References1
CVE
CVE
added 2024/07/22 2:20 p.m.83 views

CVE-2024-32484

Affected product: Ankitects Anki (entries reference Anki up to 25.02). The connected documents indicate CVE-2025-43703 describes an incomplete fix for CVE-2024-32484, resulting in attacker‑controlled access to the internal API via crafted decks/SRC attributes, effectively enabling scripted access...

8.2CVSS7.4AI score0.25924EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2024/07/22 2:20 p.m.56 views

CVE-2024-32484

An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted flashcard can lead to JavaScript code execution and result in an arbitrary file read. An attacker can share a malicious flashcard to trigger this vulnerability...

8.2CVSS6.2AI score0.25924EPSS
Exploits1
OSV
OSV
added 2024/07/22 2:20 p.m.20 views

CVE-2024-32484

An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted flashcard can lead to JavaScript code execution and result in an arbitrary file read. An attacker can share a malicious flashcard to trigger this vulnerability...

7.4CVSS6.4AI score0.25924EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/07/22 12:0 a.m.9 views

PT-2024-24608 · Ankitects +1 · Anki +1

Name of the Vulnerable Software and Affected Versions: Ankitects Anki version 24.04 Description: A reflected XSS issue exists in the handling of invalid paths in the Flask server. This can be triggered by a specially crafted flashcard, leading to JavaScript code execution and potentially resultin...

8.2CVSS8AI score0.25924EPSS
Exploits1References16
CNNVD
CNNVD
added 2022/07/11 12:0 a.m.5 views

Home__internet 路径遍历漏洞

Homeinternet is a type of web server by the individual developer Umesh Patil. It is used to make specified folders on a computer accessible on a network for quick file uploads and downloads. Homeinternet A security vulnerability exists in versions 2020-08-28 and earlier, which stems from an unsaf...

9.3CVSS8.2AI score0.01242EPSS
Exploits1References2
NVD
NVD
added 2022/06/17 2:15 p.m.30 views

CVE-2021-40903

A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside a settings file in flask server. Settings file has a predefined secret string, which would be randomly generated, however it is static...

9.8CVSS0.04501EPSS
Exploits1References3
OSV
OSV
added 2022/06/17 2:15 p.m.6 views

CVE-2021-40903

A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside a settings file in flask server. Settings file has a predefined secret string, which would be randomly generated, however it is static...

9.8CVSS5.8AI score0.04501EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/06/17 2:15 p.m.3 views

CVE-2021-40903

A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside a settings file in flask server. Settings file has a predefined secret string, which would be randomly generated, however it is static...

9.8CVSS7.2AI score0.04501EPSS
Exploits1References4
Prion
Prion
added 2022/06/17 2:15 p.m.22 views

Design/Logic Flaw

A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside a settings file in flask server. Settings file has a predefined secret string, which would be randomly generated, however it is static...

7.5CVSS9.3AI score0.04501EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/06/17 1:46 p.m.31 views

CVE-2021-40903

A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside a settings file in flask server. Settings file has a predefined secret string, which would be randomly generated, however it is static...

9.6AI score0.04501EPSS
Exploits1References3
CVE
CVE
added 2022/06/17 1:46 p.m.75 views

CVE-2021-40903

CVE-2021-40903 affects Antminer Monitor 0.50.0 via a backdoor or misconfiguration in the Flask server settings file, where a secret string is predefined and static. This could enable improper access or governance issues due to static credentials embedded in the configuration. remediation availabl...

9.8CVSS9.3AI score0.04501EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2022/06/17 12:0 a.m.10 views

PT-2022-11331 · Unknown · Antminer Monitor

Name of the Vulnerable Software and Affected Versions: Antminer Monitor version 0.50.0 Description: A vulnerability exists in the Antminer Monitor due to a backdoor or misconfiguration inside a settings file in the flask server. The settings file contains a predefined secret string that is static...

9.8CVSS9.3AI score0.04501EPSS
Exploits1References7
CNNVD
CNNVD
added 2022/06/17 12:0 a.m.5 views

Antminer Monitor 信任管理问题漏洞

Antminer Monitor is a cryptocurrency ASIC mining hardware monitor using a simple web interface by the individual developer Anastasios Selalmazidis in Greece. A trust management issue vulnerability exists in Antminer Monitor version 0.50.0, which is caused by a backdoor or misconfiguration in the...

9.8CVSS8.3AI score0.04501EPSS
Exploits1References5
0day.today
0day.today
added 2021/09/06 12:0 a.m.177 views

Antminer Monitor 0.5.0 - Authentication Bypass Vulnerability

Exploit Title: Antminer Monitor 0.5.0 - Authentication Bypass Dork:https://www.zoomeye.org/searchResult?q=%22antminer%20monitor%22 Exploit Author: CQR.company / Vulnz. Vendor Homepage: https://github.com/anselal/antminer-monitor, https://twitter.com/intent/follow?screenname=AntminerMonitor Softwa...

0.1AI score
Exploits0
PyPA
PyPA
added 2021/08/16 8:15 a.m.7 views

PYSEC-2021-122

If remote logging is not used, the worker in the case of CeleryExecutor or the scheduler in the case of LocalExecutor runs a Flask logging server and is listening on a specific port and also binds on 0.0.0.0 by default. This logging server had no authentication and allows reading log files of DAG...

5.3CVSS7.3AI score0.04022EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder