CVE-2025-62382

Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to 0.16.2, Frigate's export workflow allows an authenticated operator to nominate any filesystem location as the thumbnail source for a video export. Because that path is copied verbatim into the...

CVE-2025-62382 Frigate Vulnerable to Arbitrary File Read via Export Thumbnail "image_path" parameter

Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to 0.16.2, Frigate's export workflow allows an authenticated operator to nominate any filesystem location as the thumbnail source for a video export. Because that path is copied verbatim into the...

CVE-2025-62382 Frigate Vulnerable to Arbitrary File Read via Export Thumbnail "image_path" parameter

Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to 0.16.2, Frigate's export workflow allows an authenticated operator to nominate any filesystem location as the thumbnail source for a video export. Because that path is copied verbatim into the...

Linux Distros Unpatched Vulnerability : CVE-2022-25020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path ...

CVE-2022-25020

A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...

CVE-2022-25020

A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...

Cross site scripting

A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...

CVE-2022-25020

A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...

UBUNTU-CVE-2022-25020

A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...

CVE-2022-25020

Removed by vendor...

PluXml 跨站脚本漏洞

PluXml is a content management system that does not require a database to work.A cross-site scripting vulnerability exists in PluXML version 5.8.7. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a payload in the thumbnail path of a blog post...

CMS Made Simple 跨站脚本漏洞

CMS Made Simple CMSMS is an open source content management system that provides developers, programmers, and website owners with a web-based version of the development and management interface. A stored cross-site scripting vulnerability exists in CMS Made Simple version 2.2.14, which can be...