24 matches found
EUVD-2020-0126
Malware in sbrugna...
EUVD-2025-27606
Malicious code in bioql PyPI...
CVE-2025-10209
A security flaw has been discovered in Papermerge DMS up to 3.5.3. This issue affects some unknown processing of the component Authorization Token Handler. Performing manipulation results in improper authorization. The attack can be initiated remotely. The exploit has been released to the public...
CVE-2025-10209
A security flaw has been discovered in Papermerge DMS up to 3.5.3. This issue affects some unknown processing of the component Authorization Token Handler. Performing manipulation results in improper authorization. The attack can be initiated remotely. The exploit has been released to the public...
CVE-2025-10209 Papermerge DMS Authorization Token improper authorization
A security flaw has been discovered in Papermerge DMS up to 3.5.3. This issue affects some unknown processing of the component Authorization Token Handler. Performing manipulation results in improper authorization. The attack can be initiated remotely. The exploit has been released to the public...
CVE-2025-10209 Papermerge DMS Authorization Token improper authorization
A security flaw has been discovered in Papermerge DMS up to 3.5.3. This issue affects some unknown processing of the component Authorization Token Handler. Performing manipulation results in improper authorization. The attack can be initiated remotely. The exploit has been released to the public...
CVE-2025-10209
The CVE-2025-10209 entry concerns Papermerge DMS up to version 3.5.3. The vulnerability is in the Authorization Token Handler component, where manipulation can result in improper authorization. The issue is exploitable remotely, with exploitation information publicly available and a proof-of-conc...
PT-2025-37087
Name of the Vulnerable Software and Affected Versions: Papermerge DMS versions through 3.5.3 Description: A security flaw exists in Papermerge DMS related to the Authorization Token Handler component. Manipulation of this component can lead to improper authorization. This issue can be exploited...
Papermerge DMS 授权问题漏洞
Papermerge DMS is a document management system from Papermerge DMS open source. An authorization issue vulnerability exists in Papermerge DMS 3.5.3 and prior versions, which stems from improper handling of authorization tokens and can lead to unauthorized access...
CVE-2020-29456
Multiple cross-site scripting XSS vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in...
GHSA-9W49-M7XH-5R39 Cross-site scripting in papermerge
Multiple cross-site scripting XSS vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in...
Cross-site scripting in papermerge
Multiple cross-site scripting XSS vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in...
Cross-site Scripting (XSS) - Generic in ciur/papermerge-js
Description Papermerge is an open source document management system DMS primarily designed for archiving and retrieving your digital documents. Instead of having piles of paper documents all over your desk, office or drawers - you can quickly scan them and configure your scanner to directly uploa...
Cross-site Scripting (XSS) - Generic in ciur/papermerge-js
:star2: Description - Papermerge is an open source document management system DMS primarily designed for archiving and retrieving your digital documents. Instead of having piles of paper documents all over your desk, office or drawers. In The Admin Upload Function. Users Are Able To Trigger...
Cross-site Scripting (XSS) - Generic in ciur/papermerge
:book: Description Papermerge is an open source document management system DMS primarily designed for archiving and retrieving your digital documents. Instead of having piles of paper documents all over your desk, office or drawers - you can quickly scan them and configure your scanner to directl...
Papermerge Cross-Site Scripting Vulnerability
Papermerge is an open source document management system DMS for archiving and retrieving digital documents. Multiple cross-site scripting vulnerabilities exist in versions prior to Papermerge 1.5.2. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the...
CVE-2020-29456
Multiple cross-site scripting XSS vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in...
CVE-2020-29456
Multiple cross-site scripting XSS vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in...
PYSEC-2020-74
Multiple cross-site scripting XSS vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in...