CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

67 matches found

CVE•added 2026/05/09 8:0 p.m.•9 views

CVE-2026-8195

CVE-2026-8195 affects JeecgBoot up to 3.9.1. The vulnerability is a cross-site scripting issue in the SVG File Handler component, specifically in jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/CommonController.java. The manipulation is remote and the exploi...

5.3CVSS4.2AI score0.00033EPSS

Exploits0References4

ATTACKERKB•added 2026/05/09 8:0 p.m.•6 views

CVE-2026-8195

A vulnerability was detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/CommonController.java of the component SVG File Handler. The manipulation results in cross site...

5.3CVSS4.2AI score0.00033EPSS

Exploits0References4

Vulnrichment•added 2026/05/09 8:0 p.m.•5 views

CVE-2026-8195 JeecgBoot SVG File CommonController.java cross site scripting

5.3CVSS4.2AI score0.00033EPSS

Exploits0References4

Positive Technologies•added 2026/05/09 12:0 a.m.•9 views

PT-2026-39413

Name of the Vulnerable Software and Affected Versions JeecgBoot versions prior to 3.9.2 Description A cross-site scripting issue exists in the SVG File Handler component within the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/CommonController.java...

5.3CVSS5.6AI score0.00033EPSS

Exploits0References8

RedhatCVE•added 2026/03/09 7:53 p.m.•2 views

CVE-2026-3748

A security flaw has been discovered in Bytedesk up to 1.3.9. This affects the function uploadFile of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestController.java of the component SVG File Handler. Performing a manipulation results in unrestricted upload. Remote exploitati...

8.8CVSS5.4AI score0.00137EPSS

Exploits1References1

EUVD•added 2026/03/08 6:30 p.m.•0 views

EUVD-2026-10251

6.5CVSS6.2AI score0.00137EPSS

Exploits1References10

OSV•added 2026/03/08 4:16 p.m.•1 views

CVE-2026-3748

8.8CVSS5.4AI score

Exploits0References9

Positive Technologies•added 2026/03/08 12:0 a.m.•3 views

PT-2026-23955

A weakness has been identified in Bytedesk up to 1.3.9. This vulnerability affects the function handleFileUpload of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestService.java of the component SVG File Handler. Executing a manipulation can lead to unrestricted upload. The...

6.5CVSS5.4AI score0.00147EPSS

Exploits1References10

NVD•added 2026/01/18 5:15 p.m.•2 views

CVE-2026-1126

A security vulnerability has been detected in lwj flow up to a3d2fe8133db9d3b50fda4f66f68634640344641. This affects the function uploadFile of the file \flow-master\flow-front-rest\src\main\java\com\dragon\flow\web\resource\flow\FormResource.java of the component SVG File Handler. The manipulatio...

6.5CVSS0.0007EPSS

Exploits0References5

ATTACKERKB•added 2026/01/18 4:32 p.m.•1 views

CVE-2026-1126

6.5CVSS5.1AI score0.0007EPSS

Exploits0References4

Vulnrichment•added 2026/01/18 4:32 p.m.•1 views

CVE-2026-1126 lwj flow SVG File FormResource.java uploadFile unrestricted upload

6.5CVSS6.1AI score0.0007EPSS

Exploits0References5

CNNVD•added 2026/01/18 12:0 a.m.•0 views

Flow code issues and vulnerabilities

Flow is a free and open-source enterprise-level process application developed by FlowwJ, a Chinese developer. It combines technologies such as Flowable to create an integrated process engine solution. There are code issues and vulnerabilities in Flow; these vulnerabilities stem from incorrect...

6.5CVSS6.7AI score0.0007EPSS

Exploits0References5

RedhatCVE•added 2026/01/10 5:41 a.m.•4 views

CVE-2026-0730

A flaw has been found in PHPGurukul Staff Leave Management System 1.0. The affected element is the function ADDSTAFF/UPDATESTAFF of the file /staffleave/slms/slms/adminviews.py of the component SVG File Handler. Executing a manipulation of the argument profilepic can lead to cross site scripting...

4.8CVSS5.2AI score0.00059EPSS

Exploits1References1

EUVD•added 2026/01/09 12:30 a.m.•4 views

EUVD-2026-1658

4.8CVSS5.1AI score0.00059EPSS

Exploits1References6

NVD•added 2026/01/08 10:16 p.m.•1 views

CVE-2026-0730

4.8CVSS0.00059EPSS

Exploits1References5

OSV•added 2026/01/08 10:16 p.m.•1 views

CVE-2026-0730

4.8CVSS4AI score

Exploits0References5

Vulnrichment•added 2026/01/08 10:2 p.m.•2 views

CVE-2026-0730 PHPGurukul Staff Leave Management System SVG File adminviews.py UPDATE_STAFF cross site scripting

4.8CVSS5.2AI score0.00059EPSS

Exploits1References5

CVE•added 2026/01/08 10:2 p.m.•6 views

CVE-2026-0730

PHPGurukul Staff Leave Management System 1.0 is affected by a cross-site scripting vulnerability in the SVG File Handler, specifically the ADD_STAFF/UPDATE_STAFF function in /staffleave/slms/slms/adminviews.py. Manipulating the profile_pic argument can trigger XSS, with remote exploitation report...

4.8CVSS5.2AI score0.00059EPSS

Exploits1References5Affected Software1

Cvelist•added 2026/01/08 10:2 p.m.•22 views

CVE-2026-0730 PHPGurukul Staff Leave Management System SVG File adminviews.py UPDATE_STAFF cross site scripting

4.8CVSS0.00059EPSS

Exploits1References5

Positive Technologies•added 2026/01/08 12:0 a.m.•4 views

PT-2026-1980

Name of the Vulnerable Software and Affected Versions PHPGurukul Staff Leave Management System version 1.0 Description A flaw exists in PHPGurukul Staff Leave Management System 1.0 related to cross-site scripting. The issue is located in the ADD STAFF/UPDATE STAFF function within the...

4.8CVSS5.6AI score0.00059EPSS

Exploits1References12

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by