Lucene search
+L

62 matches found

euvd
euvd
added 6 days ago6 views

EUVD-2026-43000

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, an authenticated user with import and assets.update permissions can place a path traversal string in an asset image field through CSV import and then trigger image deletion, allowing deletion of arbitrary files accessible to the...

6.5CVSS6.2AI score0.00378EPSS
Exploits0References3
cvelist
cvelist
added 6 days ago30 views

CVE-2026-55469 Snipe-IT: Path traversal vulnerability via CSV import `image` field

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, an authenticated user with import and assets.update permissions can place a path traversal string in an asset image field through CSV import and then trigger image deletion, allowing deletion of arbitrary files accessible to the...

6.5CVSS0.00378EPSS
Exploits0References3
cve
cve
added 6 days ago9 views

CVE-2026-55469

Snipe-IT prior to 8.6.2 is affected. An authenticated user with import and assets.update permissions can inject a path traversal string into an asset image field via CSV import, which can trigger image deletion and lead to deletion of arbitrary files accessible to the server process. The issue is...

6.5CVSS6.2AI score0.00378EPSS
Exploits0References3Affected Software1
osv
osv
added 6 days ago3 views

CVE-2026-55469 Snipe-IT: Path traversal vulnerability via CSV import `image` field

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, an authenticated user with import and assets.update permissions can place a path traversal string in an asset image field through CSV import and then trigger image deletion, allowing deletion of arbitrary files accessible to the...

6.5CVSS6.2AI score0.00378EPSS
Exploits0References5
cve
cve
added 2026/07/05 2:0 p.m.19 views

CVE-2026-14754

The CVE covers code-projects Hotel and Tourism Reservation 1.0, where the /admin/add_room.php function is vulnerable. Manipulating the arguments delete_image, edit/description, number, price, rooms, or type can trigger an SQL injection. The attack can be launched remotely, and a public exploit ha...

7.5CVSS6.8AI score0.00269EPSS
Exploits0References6
cvelist
cvelist
added 2026/06/25 3:23 p.m.38 views

CVE-2026-48942 Joomla Extension - getk2.org - Stored-XSS in K2 extension for Joomla < 2.26

K2 ≤ 2.26 renders the k2users.image column directly into HTML src attributes via two distinct templates, in both cases without HTML escaping...

0.00149EPSS
Exploits0References1
alpinelinux
alpinelinux
added 2026/06/25 3:23 p.m.8 views

CVE-2026-48942

K2 ≤ 2.26 renders the k2users.image column directly into HTML src attributes via two distinct templates, in both cases without HTML escaping...

6.1CVSS5.8AI score0.00149EPSS
Exploits0References1
euvd
euvd
added 2026/06/25 3:22 p.m.4 views

EUVD-2026-39438

K2 ≤ 2.24 contains a mass-assignment defect in the K2 system user plugin plguserk2. A Registered Joomla user, by including the field K2UserForm=1 in a standard comusers profile.save POST, can write arbitrary values into the notes, image, and plugins columns of their own row in the k2users table —...

6.5CVSS6AI score0.00182EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/25 3:22 p.m.31 views

CVE-2026-48943 Joomla Extension - getk2.org - Authenticated user property mass-assignment in K2 extension for Joomla < 2.26

K2 ≤ 2.24 contains a mass-assignment defect in the K2 system user plugin plguserk2. A Registered Joomla user, by including the field K2UserForm=1 in a standard comusers profile.save POST, can write arbitrary values into the notes, image, and plugins columns of their own row in the k2users table —...

0.00182EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/25 3:22 p.m.8 views

CVE-2026-48943 Joomla Extension - getk2.org - Authenticated user property mass-assignment in K2 extension for Joomla < 2.26

K2 ≤ 2.24 contains a mass-assignment defect in the K2 system user plugin plguserk2. A Registered Joomla user, by including the field K2UserForm=1 in a standard comusers profile.save POST, can write arbitrary values into the notes, image, and plugins columns of their own row in the k2users table —...

5.9AI score0.00182EPSS
Exploits0References1
cve
cve
added 2026/06/25 3:22 p.m.15 views

CVE-2026-48943

Summary: CVE-2026-48943 affects K2 ≤ 2.24, specifically the K2 system user plugin plg_user_k2. A mass‑assignment defect allows a registered Joomla user to set the field K2UserForm=1 in a normal com_users profile.save POST and write arbitrary values into the notes, image, and plugins columns of th...

6.5CVSS6AI score0.00182EPSS
Exploits0References1Affected Software1
alpinelinux
alpinelinux
added 2026/06/25 3:22 p.m.5 views

CVE-2026-48943

K2 ≤ 2.24 contains a mass-assignment defect in the K2 system user plugin plguserk2. A Registered Joomla user, by including the field K2UserForm=1 in a standard comusers profile.save POST, can write arbitrary values into the notes, image, and plugins columns of their own row in the k2users table —...

6.5CVSS5.9AI score0.00182EPSS
Exploits0References1
euvd
euvd
added 2026/06/19 4:31 a.m.12 views

EUVD-2026-37985

The Bit integrations – Form Integration, Webhook, Spreadsheets, CRM, LMS & Email Automation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.7 via the uploadattachment. This makes it possible for unauthenticated attackers to make web...

6.5CVSS6AI score0.00312EPSS
Exploits0References10
osv
osv
added 2026/06/17 6:58 p.m.7 views

DRUPAL-CORE-2026-009

The JSON:API and REST modules allow you to upload image files to image fields. The validation rules check the file extension of the uploaded file but not the file MIME type. This may allow a malicious user to upload a file that is not an image. Certain web-server configurations may serve the...

5.4CVSS4.9AI score0.00133EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:30 p.m.11 views

CVE-2026-42839

An authenticated ERPNext user with Item record edit permissions can persist arbitrary HTML/JavaScript in the itemname, description, or image fields of an Item and trigger unescaped rendering in the Point of Sale POS cart interface for every operator who adds that item to a transaction.This issue...

4.8CVSS5.6AI score0.00261EPSS
Exploits0References1
friendsofphp
friendsofphp
added 2026/06/04 6:43 a.m.8 views

Stored Cross-Site Scripting (XSS) via uploaded files served inline in FileField and ImageField

EasyAdmin's FileField and ImageField accept browser-executable file types by default FileField applies no MIME/extension restrictions; ImageField's default Image constraint accepts SVG. When the upload directory is configured inside the public web root — as shown in the documentation — EasyAdmin...

6.2AI score
Exploits0Affected Software1
osv
osv
added 2026/05/10 8:29 p.m.11 views

MAL-2026-3413 Malicious code in django-b64-img (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f5ebdaebc61cf7a888322348e074f219519b7d09a24ab91732d8bc5061d86b2e The package provides a special image-storing field for Django REST Framework based on a legitimate implementation from the Hipo/drf-extra-fields repository. Th...

5.8AI score
Exploits0References1
vulnrichment
vulnrichment
added 2026/04/05 8:45 p.m.4 views

CVE-2019-25657 AnyBurn 4.3 x86 Denial of Service via Image Conversion

AnyBurn 4.3 x86 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the image conversion function. Attackers can paste a large buffer into the source or destination image file fields and click Convert Now to...

6.8CVSS6AI score0.00189EPSS
Exploits1References3
cvelist
cvelist
added 2026/02/20 4:55 p.m.29 views

CVE-2026-27506 SVXportal <= 2.5 Profile Update Stored XSS

SVXportal version 2.5 and prior contain a stored cross-site scripting vulnerability in the user profile update workflow usersettings.php submitting to admin/updateuser.php. Authenticated users can store malicious HTML/JavaScript in fields such as Firstname, lastname, email, and imageurl, which ar...

6.1CVSS0.00165EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2005-0566

Malware in sbrugna...

7.5CVSS6.3AI score0.01746EPSS
Exploits1References6
Rows per page
Query Builder