Lucene search
K

167 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2008-2223

Malware in sbrugna...

5CVSS6.4AI score0.01218EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-54902

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00618EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-34416

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00747EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-43301

Malicious code in bioql PyPI...

5.5CVSS5.7AI score0.00526EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-35341

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00291EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-43608

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00853EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-50176

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00582EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2022-50177

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00582EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:3 p.m.9 views

CVE-2022-40317

OpenKM 6.3.11 allows stored XSS related to the javascript: substring in an A element...

5.4CVSS5.8AI score0.00853EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:10 p.m.14 views

CVE-2022-3969

A vulnerability was found in OpenKM up to 6.3.11 and classified as problematic. Affected by this issue is the function getFileExtension of the file src/main/java/com/openkm/util/FileUtils.java. The manipulation leads to insecure temporary file. Upgrading to version 6.3.12 is able to address this...

5.5CVSS6.9AI score0.00526EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:11 p.m.7 views

CVE-2012-2316

Cross-site request forgery CSRF vulnerability in servlet/admin/AuthServlet.java in OpenKM 5.1.7 and other versions before 5.1.8-2 allows remote attackers to hijack the authentication of administrators for requests that execute arbitrary code via the script parameter to admin/scripting.jsp...

6.8CVSS8.4AI score0.04254EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:15 a.m.8 views

CVE-2019-11445

OpenKM 6.3.2 through 6.3.7 allows an attacker to upload a malicious JSP file into the /okm:root directories and move that file to the home directory of the site, via frontend/FileUpload and admin/repositoryexport.jsp. This is achieved by interfering with the Filesystem path control in the admin's...

9CVSS8AI score0.14478EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/13 11:10 p.m.19 views

CVE-2024-35475

A Cross-Site Request Forgery CSRF vulnerability was discovered in OpenKM Community Edition on or before version 6.3.12. The vulnerability exists in /admin/DatabaseQuery, which allows an attacker to manipulate a victim with administrative privileges to execute arbitrary SQL commands...

6.4CVSS8.1AI score0.00291EPSS
Exploits0References4
NVD
NVD
added 2024/05/22 2:15 p.m.23 views

CVE-2024-35475

A Cross-Site Request Forgery CSRF vulnerability was discovered in OpenKM Community Edition on or before version 6.3.12. The vulnerability exists in /admin/DatabaseQuery, which allows an attacker to manipulate a victim with administrative privileges to execute arbitrary SQL commands...

6.4CVSS7.8AI score0.00291EPSS
Exploits0References2
OSV
OSV
added 2024/05/22 2:15 p.m.7 views

CVE-2024-35475

A Cross-Site Request Forgery CSRF vulnerability was discovered in OpenKM Community Edition on or before version 6.3.12. The vulnerability exists in /admin/DatabaseQuery, which allows an attacker to manipulate a victim with administrative privileges to execute arbitrary SQL commands...

6.4CVSS7.9AI score0.00291EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/22 1:49 p.m.32 views

CVE-2024-35475

A Cross-Site Request Forgery CSRF vulnerability was discovered in OpenKM Community Edition on or before version 6.3.12. The vulnerability exists in /admin/DatabaseQuery, which allows an attacker to manipulate a victim with administrative privileges to execute arbitrary SQL commands...

7.8AI score0.00291EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/22 1:49 p.m.13 views

CVE-2024-35475

A Cross-Site Request Forgery CSRF vulnerability was discovered in OpenKM Community Edition on or before version 6.3.12. The vulnerability exists in /admin/DatabaseQuery, which allows an attacker to manipulate a victim with administrative privileges to execute arbitrary SQL commands...

8.1AI score0.00291EPSS
Exploits0References2
CVE
CVE
added 2024/05/22 1:49 p.m.68 views

CVE-2024-35475

OpenKM Community Edition versions 6.3.12 and earlier are affected by CVE-2024-35475, a CSRF vulnerability in the /admin/DatabaseQuery endpoint. The issue allows an attacker with administrative privileges to instruct the victim to execute arbitrary SQL commands. Impact is described as potential ma...

6.4CVSS8.1AI score0.00291EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/05/22 12:0 a.m.8 views

OpenKM 安全漏洞

OpenKM is a document management system from the Spanish company OpenKM. The system provides features such as version control, document history and file sharing. A security vulnerability exists in OpenKM 6.3.12 and earlier versions, which stems from a cross-site request forgery CSRF vulnerability ...

6.4CVSS6.6AI score0.00291EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/22 12:0 a.m.10 views

PT-2024-26513

Name of the Vulnerable Software and Affected Versions OpenKM Community Edition versions 6.3.12 and earlier Description A Cross-Site Request Forgery CSRF issue was found in the "admin/DatabaseQuery" endpoint, allowing an attacker to manipulate a victim with administrative privileges into executing...

6.4CVSS7.1AI score0.00291EPSS
Exploits0References9
Rows per page
Query Builder