32 matches found
CVE-2024-37845
MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the Active Process Command feature...
CVE-2024-37847
An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows attackers to execute arbitrary code via a crafted file...
CVE-2024-37846
MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection CSTI vulnerability via the Platform Management Edit page...
CVE-2024-37844
A stored cross-site scripting XSS vulnerability in MangoOS before 5.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-37846
MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection CSTI vulnerability via the Platform Management Edit page...
CVE-2024-37846
MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection CSTI vulnerability via the Platform Management Edit page...
CVE-2024-37847
An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows attackers to execute arbitrary code via a crafted file...
CVE-2024-37847
An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows attackers to execute arbitrary code via a crafted file...
CVE-2024-37845
MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the Active Process Command feature...
CVE-2024-37844
A stored cross-site scripting XSS vulnerability in MangoOS before 5.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-37844
A stored cross-site scripting XSS vulnerability in MangoOS before 5.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-37845
MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the Active Process Command feature...
CVE-2024-37844
MangoOS is affected by a stored XSS vulnerability prior to version 5.2.0. The issue allows an attacker to execute arbitrary web scripts or HTML via a crafted payload, impacting web interfaces. Affected: MangoOS before 5.2.0. Root cause: stored XSS in the web context. Impact: potential data exposu...
CVE-2024-37845
MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the Active Process Command feature...
PT-2024-27779 · Mangoos · Mangoos
Name of the Vulnerable Software and Affected Versions: MangoOS versions prior to 5.2.0 Description: The issue is an authenticated remote code execution RCE vulnerability via the Active Process Command feature. Recommendations: For versions prior to 5.2.0, update to version 5.2.0 or later to resol...
PT-2024-27778 · Mangoos · Mangoos
Name of the Vulnerable Software and Affected Versions: MangoOS versions prior to 5.2.0 Description: A stored cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Recommendations: For versions prior to 5.2.0, update to version 5.2.0 or lat...
CVE-2024-37844
A stored cross-site scripting XSS vulnerability in MangoOS before 5.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-37844
A stored cross-site scripting XSS vulnerability in MangoOS before 5.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-37846
MangoOS before 5.2.0 is affected by a Client-Side Template Injection (CSTI) vulnerability exposed on the Platform Management Edit page. The issue is tied to the Platform Management Edit page and allows CSTI, with sources indicating that versions prior to 5.2.0 are vulnerable. The connected Red Ha...
CVE-2024-37847
The CVE-2024-37847 entry documents an arbitrary file upload vulnerability affecting MangoOS before 5.1.4 and Mango API before 4.5.5, enabling arbitrary code execution via a crafted file. Affected components: MangoOS and Mango API (versions prior to listed fixes). Root cause: improper handling of ...