24 matches found
CVE-2026-26291
Stored cross-site scripting vulnerability exists in GROWI v7.4.6 and earlier. If this vulnerability is exploited, an arbitrary script may be executed in a user's web browser...
EUVD-2026-22834
Stored cross-site scripting vulnerability exists in GROWI v7.4.6 and earlier. If this vulnerability is exploited, an arbitrary script may be executed in a user's web browser...
CVE-2026-26291
Stored cross-site scripting vulnerability exists in GROWI v7.4.6 and earlier. If this vulnerability is exploited, an arbitrary script may be executed in a user's web browser...
GROWI 安全漏洞
GROWI is an enterprise-level open-source knowledge base/Wiki system built using Node.js and React by GROWI Inc. GROWI versions 7.4.6 and earlier have a security vulnerability that stems from a storage-side cross-site scripting attack, which could allow arbitrary scripts to be executed in the user...
PT-2026-32998
Stored cross-site scripting vulnerability exists in GROWI v7.4.6 and earlier. If this vulnerability is exploited, an arbitrary script may be executed in a user's web browser...
Exploit for CVE-2026-35616
CVE-2026-35616 - FortiClient EMS Vulnerability Detector !Py...
Fortinet FortiClientEms 安全漏洞
Fortinet FortiClientEms is a centralized management system developed by the American company Fortinet. Versions 7.4.5 to 7.4.6 of Fortinet FortiClientEms contain security vulnerabilities. These vulnerabilities stem from improper access control, allowing unauthorized attackers to execute...
CVE-2023-53982 PMB 7.4.6 SQL Injection Vulnerability via Unsanitized Storage Parameter
PMB 7.4.6 contains a SQL injection vulnerability in the storage parameter of the ajax.php endpoint that allows remote attackers to manipulate database queries. Attackers can exploit the unsanitized 'id' parameter by injecting conditional sleep statements to extract information or perform time-bas...
PT-2025-48945
Name of the Vulnerable Software and Affected Versions Masa CMS versions prior to 7.2.8 Masa CMS versions prior to 7.3.13 Masa CMS versions prior to 7.4.6 Description Masa CMS is susceptible to a host header poisoning issue that can lead to account takeover through the password reset email...
Masa CMS 授权问题漏洞
Masa CMS is a digital experience platform. An authorization issue vulnerability exists in Masa CMS versions prior to 7.2.8, prior to 7.3.13, and prior to 7.4.6, which stems from host header poisoning and could lead to an account takeover via a password reset email...
CVE-2025-46776
A buffer copy without checking size of input 'classic buffer overflow' vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through 7.4.6, FortiExtender 7.2 all versions, FortiExtender 7.0 all versions may allow an authenticated user to execute arbitrary code or comman...
CVE-2024-32640
MASA CMS is an Enterprise Content Management platform based on open source technology. Versions prior to 7.4.5, 7.3.12, and 7.2.7 contain a SQL injection vulnerability in the processAsyncObject method that can result in remote code execution. Versions 7.4.5, 7.3.12, and 7.2.7 contain a fix for th...
EUVD-2024-30442
MASA CMS is an Enterprise Content Management platform based on open source technology. Versions prior to 7.4.6, 7.3.13, and 7.2.8 contain a SQL injection vulnerability in the processAsyncObject method that can result in remote code execution. Versions 7.4.6, 7.3.13, and 7.2.8 contain a fix for th...
Masa CMS SQL注入漏洞
Masa CMS is a digital experience platform. A SQL injection vulnerability exists in MASA CMS versions prior to 7.4.6, prior to 7.3.13, and prior to 7.2.8, which stems from a SQL injection in the processAsyncObject method that could lead to remote code execution...
Fortinet FortiADC 操作系统命令注入漏洞
Fortinet FortiADC is an application delivery controller from Fortinet, Inc. An operating system command injection vulnerability exists in Fortinet FortiADC, which stems from improper neutralization of special elements and could lead to OS command injection. The following versions are affected:...
OTCMS 代码问题漏洞
OTCMS OTCMS is a content management system CMS for article-based websites from OTCMS. A code issue vulnerability exists in OTCMS version 7.46 and prior versions, which stems from /admin/read.php containing a server-side request forgery issue...
WordPress Speed Optimizer plugin <= 7.4.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Speed Optimizer versions = 7.4.6...
CVE-2023-47261
Dokmee ECM 7.4.6 allows remote code execution because the response to a GettingStarted/SaveSQLConnectionAsync //gettingstarted request contains a connection string for privileged SQL Server database access, and xpcmdshell can be enabled...
SUSE CVE-2023-0950
Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet...
CVE-2023-24734
An arbitrary file upload vulnerability in the cameraupload.php component of PMB v7.4.6 allows attackers to execute arbitrary code via a crafted image file...