48 matches found
Nozomi Networks CMC和Nozomi Networks Guardian 安全漏洞
Nozomi Networks CMC and Nozomi Networks Guardian are both products of Nozomi Networks, a company based in the United States. Nozomi Networks CMC is a network management platform. Nozomi Networks Guardian is a security software. Both Nozomi Networks CMC and Nozomi Networks Guardian have security...
CVE-2026-33531
InvenTree is an Open Source Inventory Management System. Prior to version 1.2.6, a path traversal vulnerability in the report template engine allows a staff-level user to read arbitrary files from the server filesystem via crafted template tags. Affected functions: encodesvgimage, asset, and...
EUVD-2026-16361
InvenTree is an Open Source Inventory Management System. Prior to version 1.2.6, a path traversal vulnerability in the report template engine allows a staff-level user to read arbitrary files from the server filesystem via crafted template tags. Affected functions: encodesvgimage, asset, and...
CVE-2026-33531 InvenTree has Path Traversal In Report Templates
InvenTree is an Open Source Inventory Management System. Prior to version 1.2.6, a path traversal vulnerability in the report template engine allows a staff-level user to read arbitrary files from the server filesystem via crafted template tags. Affected functions: encodesvgimage, asset, and...
CVE-2026-33531 InvenTree has Path Traversal In Report Templates
InvenTree is an Open Source Inventory Management System. Prior to version 1.2.6, a path traversal vulnerability in the report template engine allows a staff-level user to read arbitrary files from the server filesystem via crafted template tags. Affected functions: encodesvgimage, asset, and...
CVE-2026-33531 InvenTree has Path Traversal In Report Templates
InvenTree is an Open Source Inventory Management System. Prior to version 1.2.6, a path traversal vulnerability in the report template engine allows a staff-level user to read arbitrary files from the server filesystem via crafted template tags. Affected functions: encodesvgimage, asset, and...
CVE-2026-33531
CVE-2026-33531 affects InvenTree prior to 1.2.6. A path traversal vulnerability in the report template engine allows a staff-level user to read arbitrary server files via crafted template tags in report.py (encode_svg_image(), asset(), uploaded_image()). Exploitation requires staff access to uplo...
PT-2026-28489
Name of the Vulnerable Software and Affected Versions InvenTree versions prior to 1.2.6 InvenTree versions 1.2.6 through 1.3.0 Description InvenTree is an Open Source Inventory Management System. A path traversal issue exists in the report template engine, allowing a staff-level user to read...
CVE-2025-65480
An issue was discovered in Pacom Unison Client 5.13.1. Authenticated users can inject malicious scripts in the Report Templates which are executed when certain script conditions are fulfilled, leading to Remote Code Execution...
CVE-2025-65480
An issue was discovered in Pacom Unison Client 5.13.1. Authenticated users can inject malicious scripts in the Report Templates which are executed when certain script conditions are fulfilled, leading to Remote Code Execution...
Exploit for CVE-2025-65480
CVE-2025-65480: Remote Code Execution in Pacom Unison Client A...
CVE-2025-65480
Pacom Unison Client 5.13.1 contains a vulnerability where authenticated users can inject malicious scripts into Report Templates that are executed when certain script conditions are fulfilled, leading to Remote Code Execution. This is the stated impact; no exploit details are provided in the avai...
PT-2026-7625
An issue was discovered in Pacom Unison Client 5.13.1. Authenticated users can inject malicious scripts in the Report Templates which are executed when certain script conditions are fulfilled, leading to Remote Code Execution...
CVE-2025-65480
An issue was discovered in Pacom Unison Client 5.13.1. Authenticated users can inject malicious scripts in the Report Templates which are executed when certain script conditions are fulfilled, leading to Remote Code Execution...
Pacom Unison Client 安全漏洞
Pacom Unison Client is an intelligent security management system developed by the Pacom company in the United States. Version 5.13.1 of Pacom Unison Client contains a security vulnerability. This vulnerability allows authenticated users to inject malicious scripts into report templates, potential...
CVE-2025-65480
An issue was discovered in Pacom Unison Client 5.13.1. Authenticated users can inject malicious scripts in the Report Templates which are executed when certain script conditions are fulfilled, leading to Remote Code Execution...
CVE-2025-40892
A Stored Cross-Site Scripting vulnerability was discovered in the Reports functionality due to improper validation of an input parameter. An authenticated user with report privileges can define a malicious report containing a JavaScript payload, or a victim can be socially engineered to import a...
EUVD-2019-3948
Malware in sbrugna...
EUVD-2024-52977
Malicious code in bioql PyPI...
CVE-2025-54316
An issue was discovered in Logpoint before 7.6.0. When creating reports, attackers can create custom Jinja templates that chained built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine, making it vulnerable to cross-site scripting...