Lucene search
K

67 matches found

Vulnrichment
Vulnrichment
added 2025/09/26 4:2 p.m.4 views

CVE-2025-11027 givanz Vvveb SVG File cross site scripting

A vulnerability was identified in givanz Vvveb up to 1.0.7.2. Affected by this issue is some unknown functionality of the component SVG File Handler. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit is publicly available and might be used. Once aga...

4.8CVSS5.8AI score0.0026EPSS
Exploits1References4
CVE
CVE
added 2025/09/26 4:2 p.m.13 views

CVE-2025-11027

The CVE-2025-11027 issue affects givanz Vvveb up to version 1.0.7.2, specifically in the SVG File Handler component. The root cause is a cross-site scripting vulnerability that could be triggered remotely. Exploitation is described as publicly available in referenced sources. Remediation provided...

5.4CVSS3.7AI score0.0026EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2025/09/26 12:0 a.m.3 views

Vvveb 安全漏洞

Vvveb is a powerful and easy-to-use CMS from Givan Individual Developers for building websites, blogs or e-commerce stores. A security vulnerability exists in Vvveb version 1.0.7.2 and earlier, which stems from an unknown functionality issue in the component SVG File Handler that could lead to...

5.4CVSS3.8AI score0.0026EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/09/26 12:0 a.m.6 views

PT-2025-39655

Name of the Vulnerable Software and Affected Versions givanz Vvveb versions up to 1.0.7.2 Description A cross-site scripting issue exists in the SVG File Handler component. This manipulation can be launched remotely. The exploit is publicly available. Recommendations Update to a version beyond...

4.8CVSS3.5AI score0.0026EPSS
Exploits1References8
Snyk
Snyk
added 2025/09/24 6:30 p.m.3 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the logoNavbar or logoLogin arguments in the SVG File Handler component of the /admin path. An attacker can inject and execute arbitrary scripts by supplying crafted input to these arguments. Details...

4.8CVSS4AI score0.00288EPSS
Exploits0References2
OSV
OSV
added 2025/09/24 6:30 p.m.5 views

GHSA-4C44-R8RM-3P39 Mangati NovoSGA XSS vulnerability in /admin

A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is...

4.8CVSS5.6AI score0.00288EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2025/09/24 6:30 p.m.8 views

Mangati NovoSGA XSS vulnerability in /admin

A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is...

4.8CVSS5.6AI score0.00288EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2025/09/24 5:15 p.m.8 views

CVE-2025-10909

A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is...

4.8CVSS0.00288EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/09/24 4:32 p.m.11 views

CVE-2025-10909 Mangati NovoSGA SVG File admin cross site scripting

A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is...

4.8CVSS0.00288EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/09/24 4:32 p.m.2 views

CVE-2025-10909 Mangati NovoSGA SVG File admin cross site scripting

A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is...

4.8CVSS5.4AI score0.00288EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/09/24 12:0 a.m.5 views

PT-2025-39289

Name of the Vulnerable Software and Affected Versions Mangati NovoSGA versions through 2.2.9 Description A security flaw exists in Mangati NovoSGA. The issue is related to cross site scripting within the SVG File Handler component, specifically affecting the file /admin. Manipulation of the...

4.8CVSS3.3AI score0.00288EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/09/13 2:20 p.m.10 views

CVE-2025-10253

A vulnerability has been found in openDCIM 23.04. This vulnerability affects unknown code of the file /scripts/uploadifive.php of the component SVG File Handler. Such manipulation of the argument Filedata leads to cross site scripting. The attack can be launched remotely. The exploit has been...

5.1CVSS5.5AI score0.00246EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/11 2:2 p.m.1 views

CVE-2025-10253 openDCIM SVG File uploadifive.php cross site scripting

A vulnerability has been found in openDCIM 23.04. This vulnerability affects unknown code of the file /scripts/uploadifive.php of the component SVG File Handler. Such manipulation of the argument Filedata leads to cross site scripting. The attack can be launched remotely. The exploit has been...

5.1CVSS5.4AI score0.00246EPSS
Exploits0References4
OSV
OSV
added 2025/08/19 4:15 p.m.6 views

CVE-2025-9145

A security vulnerability has been detected in Scada-LTS 2.7.8.1. This issue affects some unknown processing of the file viewedit.shtm of the component SVG File Handler. Such manipulation of the argument backgroundImageMP leads to cross site scripting. The attack can be launched remotely. The...

5.4CVSS5.7AI score0.00256EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/08/19 12:0 a.m.2 views

Scada-LTS 代码注入漏洞

Scada-LTS is an open source, web-based, multi-platform solution from Scada-LTS Open Source. A code injection vulnerability exists in Scada-LTS version 2.7.8.1, which originates from a cross-site scripting attack due to misuse of the file viewedit.shtm parameter backgroundImageMP in the component...

5.4CVSS6.7AI score0.00256EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2025/04/16 3:36 p.m.7 views

CVE-2025-3568

A vulnerability has been found in Webkul Krayin CRM up to 2.1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/settings/users/edit/ of the component SVG File Handler. The manipulation leads to cross site scripting. The attack can be...

5.4CVSS6.3AI score0.00326EPSS
Exploits2References1
NVD
NVD
added 2025/04/14 2:15 p.m.18 views

CVE-2025-3568

A vulnerability has been found in Webkul Krayin CRM up to 2.1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/settings/users/edit/ of the component SVG File Handler. The manipulation leads to cross site scripting. The attack can be...

5.4CVSS0.00326EPSS
Exploits2References5
OSV
OSV
added 2025/04/14 2:15 p.m.3 views

CVE-2025-3568

A vulnerability has been found in Webkul Krayin CRM up to 2.1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/settings/users/edit/ of the component SVG File Handler. The manipulation leads to cross site scripting. The attack can be...

5.4CVSS6.4AI score
Exploits0References5
Cvelist
Cvelist
added 2025/04/14 1:31 p.m.21 views

CVE-2025-3568 Webkul Krayin CRM SVG File edit cross site scripting

A vulnerability has been found in Webkul Krayin CRM up to 2.1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/settings/users/edit/ of the component SVG File Handler. The manipulation leads to cross site scripting. The attack can be...

5.1CVSS0.00326EPSS
Exploits2References5
CVE
CVE
added 2025/04/14 1:31 p.m.81 views

CVE-2025-3568

CVE-2025-3568 affects Webkul Krayin CRM

5.4CVSS3.8AI score0.00326EPSS
Exploits2References5Affected Software1
Rows per page
Query Builder