363 matches found
EUVD-2026-17273
The PaperCut NG/MF specifically, the embedded application for Konica Minolta devices is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discovered that the...
EUVD-2026-17271
Multiple cross-site scripting XSS vulnerabilities in PaperCut NG/MF before 25.0.10 allow authenticated administrator users to inject arbitrary web script or HTML code via different UI fields. This could be used to compromise other admininistrator's sessions or perform unauthorized actions via the...
CVE-2026-4794
Multiple cross-site scripting XSS vulnerabilities in PaperCut NG/MF before 25.0.10 allow authenticated administrator users to inject arbitrary web script or HTML code via different UI fields. This could be used to compromise other admininistrator's sessions or perform unauthorized actions via the...
CVE-2026-5115
The PaperCut NG/MF specifically, the embedded application for Konica Minolta devices is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discovered that the...
CVE-2026-5115 Session hijacking in PaperCut NG/MF embedded application for Konica Minolta devices
The PaperCut NG/MF specifically, the embedded application for Konica Minolta devices is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discovered that the...
CVE-2026-5115
The PaperCut NG/MF specifically, the embedded application for Konica Minolta devices is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discovered that the...
CVE-2026-4794
Multiple cross-site scripting XSS vulnerabilities in PaperCut NG/MF before 25.0.10 allow authenticated administrator users to inject arbitrary web script or HTML code via different UI fields. This could be used to compromise other admininistrator's sessions or perform unauthorized actions via the...
CVE-2026-4794 Multiple cross-site scripting (XSS) vulnerabilities in PaperCut NG/MF
Multiple cross-site scripting XSS vulnerabilities in PaperCut NG/MF before 25.0.10 allow authenticated administrator users to inject arbitrary web script or HTML code via different UI fields. This could be used to compromise other admininistrator's sessions or perform unauthorized actions via the...
CVE-2026-4794 Multiple cross-site scripting (XSS) vulnerabilities in PaperCut NG/MF
Multiple cross-site scripting XSS vulnerabilities in PaperCut NG/MF before 25.0.10 allow authenticated administrator users to inject arbitrary web script or HTML code via different UI fields. This could be used to compromise other admininistrator's sessions or perform unauthorized actions via the...
CVE-2026-4794
PaperCut NG/MF prior to version 25.0.10 is affected by multiple XSS vulnerabilities in various UI fields that can be exploited by authenticated administrators to inject scripts or HTML, potentially compromising other admins’ sessions or performing actions within the admin context. A fix is availa...
PaperCut NG/MF 安全漏洞
PaperCut NG/MF is a printing management system developed by PaperCut Corporation. Versions of PaperCut NG/MF prior to 25.0.10 contained security vulnerabilities. These vulnerabilities stemmed from cross-site scripting vulnerabilities in multiple UI fields, which could allow for the injection of...
PaperCut NG/MF 安全漏洞
PaperCut NG/MF is a printing management system developed by PaperCut Corporation. There is a security vulnerability in PaperCut NG/MF. This vulnerability stems from an insecure communication channel between the embedded application and the server, which could lead to data leaks. These leaked data...
PT-2026-29169
Multiple cross-site scripting XSS vulnerabilities in PaperCut NG/MF before 25.0.10 allow authenticated administrator users to inject arbitrary web script or HTML code via different UI fields. This could be used to compromise other admininistrator's sessions or perform unauthorized actions via the...
📄 PaperCut MF/NG 25.0.5 Authentication Bypass / Remote Code Execution
A critical security vulnerability was discovered in version 25.0.5 of PaperCut MF/NG that allows attackers to bypass authentication and execute remote commands on the target system without requiring any credentials...
CVE-2023-31046
A Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1. Under specific conditions, this could potentially allow an authenticated attacker to achieve read-only access to the server's filesystem, because requests beginning with "GET /ui/static/..//.." reach...
CVE-2023-4568
PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch...
Exploit for Improper Access Control in Papercut Papercut_Mf
No d...
VulnCheck KEV: CVE-2023-39143
PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. This leads to remote code execution when external device integration is enabled a very common configuration...
EUVD-2014-2689
Malware in sbrugna...
EUVD-2014-2691
Malware in sbrugna...