21 matches found
CVE-2021-47963
Anote 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to execute arbitrary code by injecting malicious payloads into markdown files stored within the application. Attackers can craft malicious markdown files with embedded JavaScript that executes system commands...
CVE-2026-0383
A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...
EUVD-2026-5262
A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...
CVE-2026-0383
A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...
Broadcom Brocade Fabric OS Security Vulnerability
Broadcom Brocade Fabric OS is an embedded operating system used in switches and routers by Broadcom Corporation. There is a security vulnerability in Broadcom Brocade Fabric OS. This vulnerability stems from local attackers with access to the Bash shell being able to access the content of...
CVE-2025-67708
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and earlier on Windows and Linux that in some configurations allows a remote unauthenticated attacker to store files that contain malicious code that may execute in the context of a victim’s browser...
PT-2025-54461
Name of the Vulnerable Software and Affected Versions: Esri ArcGIS Server versions prior to 11.4. Description: A stored cross site scripting issue exists in Esri ArcGIS Server. In certain setups, a remote, unauthenticated attacker can store files containing malicious code that could execute within a...
CVE-2025-34337
Summary (CVE-2025-34337) The eGovFramework/egovframe-common-components package
PT-2025-47486
Name of the Vulnerable Software and Affected Versions: eGovFramework/egovframe-common-components versions up to and including 4.3.1. Description: The Web Editor image upload functionality within the software uses symmetric encryption for URL parameters but reveals an encryption oracle. This allows...
EUVD-2024-16235
Malicious code in bioql PyPI...
CVE-2022-22251
On cSRX Series devices software permission issues in the container filesystem and stored files combined with storing passwords in a recoverable format in Juniper Networks Junos OS allows a local, low-privileged attacker to elevate their permissions to take control of any instance of a cSRX softwa...
Design/Logic Flaw
On cSRX Series devices software permission issues in the container filesystem and stored files combined with storing passwords in a recoverable format in Juniper Networks Junos OS allows a local, low-privileged attacker to elevate their permissions to take control of any instance of a cSRX softwa...
Juniper Junos OS Vulnerability (JSA69908)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA69908 advisory. - On cSRX Series devices software permission issues in the container filesystem and stored files combined with storing passwords in a recoverable format in Juniper Networks...
CVE-2020-6284
CVE-2020-6284 affects SAP NetWeaver Knowledge Management (versions 7.30, 7.31, 7.40, 7.50). The issue is a stored cross-site scripting (XSS) vulnerability caused by inadequate filtering when executing script content in a stored file. If an accessing user has administrative privileges, this could ...
CVE-2020-6284
SAP NetWeaver Knowledge Management, versions - 7.30, 7.31, 7.40, 7.50, allows the automatic execution of script content in a stored file due to inadequate filtering with the accessing user's privileges. If the accessing user has administrative privileges, then the execution of the script content...
UBUNTU-CVE-2018-1134
An issue was discovered in Moodle 3.x. Students who submitted assignments and exported them to portfolios can download any stored Moodle file by changing the download URL...
UBUNTU-CVE-2018-1135
An issue was discovered in Moodle 3.x. Students who posted on forums and exported the posts to portfolios can download any stored Moodle file by changing the download URL...
GeoVision (GeoHttpServer) Webcams - Remote File Disclosure
#!/usr/bin/python import os import sys import socket import binascii ''' Title : GeoVision GeoHttpServer WebCams Remote File Disclosure Exploit CVE-ID : none Product : GeoVision System : GeoHttpServer Affected : 8.3.3.0 may be more Impact : Critical Remote : Yes Website link:...
LG DVR LE6016D - Remote File Disclosure Vulnerability
Exploit for hardware platform in category web applications. Title : LG DVR LE6016D - Remote File Disclosure Vulnerability 0day CVE-ID : none Product : LG Affected : All versions Impact : Critical Remote : Yes Product link:...
Server: Insecure Flash Cross Domain policies
Due to insecure Flash Cross Domain policies an attacker might gain access to stored files of the user. For more information please consult the official advisory. This advisory is licensed CC BY-SA 4.0...