Lucene search
K

4 matches found

CNNVD
CNNVD
added 2026/05/21 12:0 a.m.7 views

Concrete CMS 跨站请求伪造漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS prior to 9.5.0 had a cross-site request forgeing vulnerability. This vulnerability was exploited through the concrete/controllers/backend/file rescanMultiple function, making it susceptibl...

8.8CVSS5.7AI score0.0013EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/17 11:48 p.m.5 views

CVE-2026-27894

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. Prior to version 9.5, a local file inclusion was detected in the PDF export that allows users to include local PHP files and this way execute code. In combination with...

8.8CVSS6AI score0.00371EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2020/11/27 12:0 a.m.3 views

GLPI Insecure Direct Object Reference Vulnerability (CNVD-2020-67631)

GLPI is an open source IT and asset management software for individual developers. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner cartridg...

4.3CVSS6.7AI score0.00685EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/05 12:0 a.m.2 views

Foxit Reader and PhantomPDF Data Forgery Issue Vulnerability (CNVD-2020-32458)

Foxit Reader and Foxit PhantomPDF are both Chinese Foxit Foxit company a PDF document reader. A security vulnerability exists in Foxit Reader versions prior to 9.5 and PhantomPDF versions prior to 9.5. The vulnerability can be exploited to bypass signature verification with modified documents or...

7.5CVSS6.8AI score0.01004EPSS
Exploits0References1
Rows per page
Query Builder