232 matches found
CVE-2021-37152
Multiple XSS issues exist in Sonatype Nexus Repository Manager 3 before 3.33.0. An authenticated attacker with the ability to add HTML files to a repository could redirect users to Nexus Repository Manager’s pages with code modifications...
CVE-2021-29159
A cross-site scripting XSS vulnerability has been discovered in Nexus Repository Manager 3.x before 3.30.1. An attacker with a local account can create entities with crafted properties that, when viewed by an administrator, can execute arbitrary JavaScript in the context of the NXRM application...
CVE-2021-43961
Sonatype Nexus Repository Manager 3.36.0 allows HTML Injection...
CVE-2020-11444
Sonatype Nexus Repository Manager 3.x up to and including 3.21.2 has Incorrect Access Control...
CVE-2020-15870
Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS Issue 2 of 2...
CVE-2020-29436
Sonatype Nexus Repository Manager 3.x before 3.29.0 allows a user with admin privileges to configure the system to gain access to content outside of NXRM via an XXE vulnerability. Fixed in version 3.29.0...
CVE-2019-15893
Sonatype Nexus Repository Manager 2.x before 2.14.15 allows Remote Code Execution...
CVE-2019-15588
There is an OS Command Injection in Nexus Repository Manager = 2.14.14 bypass CVE-2019-5475 that could allow an attacker a Remote Code Execution RCE. All instances using CommandLineExecutor.java with user-supplied data is vulnerable, such as the Yum Configuration Capability...
The vulnerability of Sonatype Nexus Repository Manager relates to the lack of measures taken to protect the website structure, allowing attackers to carry out cross-site scripting attacks.
The vulnerability of Sonatype Nexus Repository Manager is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks by publishing Maven artifacts...
Sonatype Nexus Repository Manager 跨站脚本漏洞
Sonatype Nexus Repository Manager NXRM is a repository manager from Sonatype, Inc. that is used for managing, storing, and distributing software, among other things. A cross-site scripting vulnerability exists in Sonatype Nexus Repository Manager version 2.15.1 and earlier, which stems from the...
The vulnerability of Sonatype Nexus Repository Manager lies in the improper restriction of the path name to the restricted directory. This allows attackers to disclose protected information.
The vulnerability of Sonatype Nexus Repository Manager is related to incorrect restrictions on the path to the restricted-access catalog. Exploiting this vulnerability could allow a malicious actor to disclose protected information...
Exploit for CVE-2024-4956
CVE-2024-4956 !My Shophttps://img.shields.io/badge/My%20S...
Exploit for CVE-2024-4956
CVE-2024-4956-Sonatype-Nexus-Repository-Manager Sonatype Ne...
Exploit for CVE-2024-4956
CVE-2024-4956 : Nexus Repository Manager 3 Dork: - Shodan:...
Exploit for CVE-2024-4956
CVE-2024-4956 - Unauthenticated Path Traversal in Nexus Reposi...
Exploit for CVE-2024-4956
CVE-2024-4956 Nexus Reposito...
Exploit for CVE-2024-4956
CVE-2024-4956 Nexus Reposito...
Sonatype Nexus Repository 安全漏洞
Nexus Repository Manager is a repository management system. A path traversal vulnerability exists in Sonatype Nexus Repository Manager that can be exploited by an attacker to obtain sensitive information...
SUSE CVE-2019-9629
Sonatype Nexus Repository Manager before 3.17.0 establishes a default administrator user with weak defaults fixed credentials...
The vulnerability of Sonatype Nexus Repository Manager lies in the lack of measures to clean input data, allowing a perpetrator to execute arbitrary code.
The vulnerability of Sonatype Nexus Repository Manager is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...