Lucene search
+L

133 matches found

osv
osv
added 2021/12/15 4:15 p.m.10 views

CVE-2021-43675

Lychee-v3 3.2.16 is affected by a Cross Site Scripting XSS vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will contain albumID which is controlled by the user...

6.1CVSS5.8AI score0.00851EPSS
Exploits0References3
nvd
nvd
added 2021/12/15 4:15 p.m.37 views

CVE-2021-43675

Lychee-v3 3.2.16 is affected by a Cross Site Scripting XSS vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will contain albumID which is controlled by the user...

6.1CVSS0.00851EPSS
Exploits0References3
prion
prion
added 2021/12/15 4:15 p.m.19 views

Cross site scripting

Lychee-v3 3.2.16 is affected by a Cross Site Scripting XSS vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will contain albumID which is controlled by the user...

4.3CVSS6AI score0.00851EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2021/12/15 3:24 p.m.30 views

CVE-2021-43675

Lychee-v3 3.2.16 is affected by a Cross Site Scripting XSS vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will contain albumID which is controlled by the user...

6.1AI score0.00851EPSS
Exploits0References3
cve
cve
added 2021/12/15 3:24 p.m.57 views

CVE-2021-43675

Lychee-v3 3.2.16 is affected by a Cross Site Scripting (XSS) vulnerability in php/Access/Guest.php. The issue arises because the exit path prints a message to the user that includes albumID, which is controllable by the attacker. Affected component: Lychee-v3, version 3.2.16; vulnerable function/...

6.1CVSS5.9AI score0.00851EPSS
Exploits0References3Affected Software1
ptsecurity
ptsecurity
added 2021/12/15 12:0 a.m.8 views

PT-2021-23904 · Lychee-V3 · Lychee-V3

Name of the Vulnerable Software and Affected Versions: Lychee-v3 version 3.2.16 Description: The issue is related to a Cross Site Scripting XSS vulnerability in the php/Access/Guest.php file. The exit function will terminate the script and print a message to the user, which contains the albumID...

6.1CVSS5.9AI score0.00851EPSS
Exploits0References7
cnnvd
cnnvd
added 2021/12/15 12:0 a.m.31 views

Lychee 跨站脚本漏洞

Lychee is a beautiful and easy to use photo management system open sourced by The Lychee Organisation. Lychee has a cross-site scripting vulnerability, and no details of the vulnerability are available...

6.1CVSS5.2AI score0.00851EPSS
Exploits0References3
cnvd
cnvd
added 2018/09/07 12:0 a.m.3 views

Guangzhou Lychee Network Co. Touchmedia News APP has file upload vulnerability

Touchdown News App is a news and information app. A file upload vulnerability exists in Touchmedia News APP by Guangzhou Lychee Network Co. An attacker can exploit the vulnerability to upload arbitrary PHP files and execute arbitrary PHP scripts on a remote server...

7.4AI score
Exploits0
cnvd
cnvd
added 2017/08/24 12:0 a.m.3 views

Lychee Live AliCloud OSS credentials have information leakage vulnerability

Lychee Live app is an Internet-based interactive live broadcasting platform launched by Guangdong Network Radio and Television. There is an information leakage vulnerability in Lychee Live Aliyun OSS credentials. The vulnerability is caused by credential leakage due to the use of SDK with...

6.9AI score
Exploits0
cnvd
cnvd
added 2015/05/20 12:0 a.m.4 views

Lychee 'importUrl()' function remote code execution vulnerability

Lychee is a free, open source image management tool. A remote code execution vulnerability exists in Lychee. An attacker could use this vulnerability to execute arbitrary code in the context of an affected application, which could also result in a denial of service...

8.4AI score
Exploits0References1
securityvulns
securityvulns
added 2015/05/12 12:0 a.m.749 views

Lychee 2.7.1 remote code execution

Advisory ID: SGMA15-002 Title: Lychee remote code execution Product: Lychee Version: 2.7.1 and probably prior Vendor: lychee.electerious.com Vulnerability type: Remote Code Execution Risk level: High Credit: Filippo Cavallarin - segment.technology CVE: N/A Vendor notification: 2015-04-12 Vendor...

1AI score
Exploits0
zdt
zdt
added 2015/04/19 12:0 a.m.30 views

Lychee 2.7.1 Remote Code Execution Vulnerability

Lychee version 2.7.1 suffers from a remote code execution vulnerability when logged in as an administrator. Title: Lychee remote code execution Product: Lychee Version: 2.7.1 and probably prior Vendor: lychee.electerious.com Vulnerability type: Remote Code Execution Risk level: High Credit: Filip...

7.9AI score
Exploits0
packetstorm
packetstorm
added 2015/04/19 12:0 a.m.22 views

Lychee 2.7.1 Remote Code Execution

Advisory ID: SGMA15-002 Title: Lychee remote code execution Product: Lychee Version: 2.7.1 and probably prior Vendor: lychee.electerious.com Vulnerability type: Remote Code Execution Risk level: High Credit: Filippo Cavallarin - segment.technology CVE: N/A Vendor notification: 2015-04-12 Vendor...

7.4AI score
Exploits0
Rows per page
Query Builder