Lucene search
K

48 matches found

CVE
CVE
added 2022/03/10 11:35 p.m.125 views

CVE-2022-25511

FreeTAKServer-UI v1.9.8 contains a path traversal vulnerability in the ?filename= parameter of the /DataPackageTable route that can allow attackers to place arbitrary files on the system. This is documented across multiple sources (CVE-2022-25511 and related advisories). The exact root cause is n...

6.5CVSS6.3AI score0.00719EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/03/10 11:35 p.m.116 views

CVE-2022-25506

CVE-2022-25506 concerns FreeTAKServer-UI v1.9.8 with a reported SQL injection vulnerability in the API endpoint /AuthenticateUser . Multiple connected sources confirm the flaw stems from improper neutralization of SQL commands against the SQLite3 database, enabling an attacker to access sensitive...

6.5CVSS6.6AI score0.00855EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/03/10 11:35 p.m.25 views

CVE-2022-25506

FreeTAKServer-UI v1.9.8 was discovered to contain a SQL injection vulnerability via the API endpoint /AuthenticateUser...

6.9AI score0.00855EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/03/10 11:35 p.m.31 views

CVE-2022-25507

FreeTAKServer-UI v1.9.8 was discovered to contain a stored cross-site scripting XSS vulnerability via the Callsign parameter...

5.5AI score0.00479EPSS
Exploits1References1
OSV
OSV
added 2022/03/10 11:35 p.m.13 views

CVE-2022-25506

FreeTAKServer-UI v1.9.8 was discovered to contain a SQL injection vulnerability via the API endpoint /AuthenticateUser...

6.5CVSS8.1AI score0.00855EPSS
Exploits1References3
CVE
CVE
added 2022/03/10 11:35 p.m.122 views

CVE-2022-25507

CVE-2022-25507 affects FreeTAKServer-UI (v1.9.8) with a stored XSS vulnerability exploitable via the Callsign parameter. The connected sources confirm the vulnerability but do not provide exploitation details, affected versions beyond v1.9.8, or a published patch/mitigation. No root-cause or impa...

5.4CVSS5.2AI score0.00479EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/03/10 11:35 p.m.21 views

CVE-2022-25507

FreeTAKServer-UI v1.9.8 was discovered to contain a stored cross-site scripting XSS vulnerability via the Callsign parameter...

5.4CVSS5.8AI score0.00479EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/03/10 12:0 a.m.6 views

FreeTAKServer-UI 跨站脚本漏洞

FreeTAKServer-UI is an open source FTS web interface from the FreeTAKTeam. FreeTAKServer-UI has a cross-site scripting vulnerability that originates from the Callsign parameter, and no detailed vulnerability details are currently available...

5.4CVSS5.1AI score0.00479EPSS
Exploits1References3
Rows per page
Query Builder