Lucene search
K

17 matches found

EUVD
EUVD
added 2026/05/19 7:37 p.m.18 views

EUVD-2026-30549

GitHub CLI: GitHub Actions log output in gh run view allows terminal escape sequence injection...

3.5CVSS5.8AI score0.002EPSS
Exploits1References2
CVE
CVE
added 2026/02/03 12:17 a.m.10 views

CVE-2025-61649

Technical details about CVE-2025-61649 are not publicly available in the provided documents. Monitor for updates from the listed sources (NVD/Red Hat/CVE listings) for affected software, impact, and fixes.

4.8CVSS5.3AI score0.00313EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/03 12:17 a.m.3 views

CVE-2025-61649 UserInfoCard: Check that performing user has permission to view log entries for number of past blocks

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Services/CheckUserUserInfoCardService.Php. This issue affects CheckUser: from 7cedd58781d261f110651b6af4f41d2d11ae7309...

4.8CVSS5.3AI score0.00313EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2004-2062

Malware in sbrugna...

7.2CVSS6.4AI score0.00454EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/30 12:0 a.m.5 views

PT-2025-1972 · WordPress · W2S – Migrate Woocommerce To Shopify

Name of the Vulnerable Software and Affected Versions: W2S – Migrate WooCommerce to Shopify plugin for WordPress versions up to, and including, 1.2.1 Description: The issue allows authenticated attackers with Subscriber-level access and above to read the contents of arbitrary files on the server...

6.5CVSS9.3AI score0.00341EPSS
Exploits0References8
OSV
OSV
added 2022/10/07 9:15 p.m.2 views

DEBIAN-CVE-2022-39285

ZoneMinder is a free, open source Closed-circuit television software application The file parameter is vulnerable to a cross site scripting vulnerability XSS by backing out of the current "tr" "td" brackets. This then allows a malicious user to provide code that will execute when a user views the...

5.4CVSS6.2AI score0.03689EPSS
Exploits4References1
OSV
OSV
added 2022/10/07 9:15 p.m.2 views

UBUNTU-CVE-2022-39285

ZoneMinder is a free, open source Closed-circuit television software application The file parameter is vulnerable to a cross site scripting vulnerability XSS by backing out of the current "tr" "td" brackets. This then allows a malicious user to provide code that will execute when a user views the...

7.6CVSS6.8AI score0.03689EPSS
Exploits4References3
AlpineLinux
AlpineLinux
added 2022/10/07 12:0 a.m.49 views

CVE-2022-39285

ZoneMinder is a free, open source Closed-circuit television software application The file parameter is vulnerable to a cross site scripting vulnerability XSS by backing out of the current "tr" "td" brackets. This then allows a malicious user to provide code that will execute when a user views the...

7.6CVSS5.7AI score0.03689EPSS
Exploits4
VulnCheck KEV
VulnCheck KEV
added 2021/11/11 12:0 a.m.3 views

VulnCheck KEV: CVE-2017-18368

Zyxel P660HN-T1A routers contain a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user and exploited via the remotehost parameter of the ViewLog.asp page...

10CVSS7.5AI score0.94508EPSS
Exploits2References1
OSV
OSV
added 2019/02/04 7:29 p.m.5 views

UBUNTU-CVE-2019-7339

POST - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'level' parameter value in the view log log.php because proper filtration is omitted...

6.1CVSS7AI score0.00874EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2017/11/22 12:0 a.m.26 views

FreeBSD : cacti -- multiple vulnerabilities (db570002-ce06-11e7-804e-c85b763a2f96)

cacti reports : Changelog issue1057: CVE-2017-16641 - Potential vulnerability in RRDtool functions issue1066: CVE-2017-16660 in remoteagent.php logging function issue1066: CVE-2017-16661 in view log file issue1071: CVE-2017-16785 in globalsession.php Reflection XSS %NASLMINLEVEL 70300 C Tenable...

9CVSS6.3AI score0.04246EPSS
Exploits4References6
Fedora
Fedora
added 2016/05/23 8:25 p.m.28 views

[SECURITY] Fedora 24 Update: websvn-2.3.3-13.fc24

WebSVN offers a view onto your subversion repositories that's been designed to reflect the Subversion methodology. You can view the log of any file or directory and see a list of all the files changed, added or deleted in any given revision. You can also view the differences between two versions ...

6.1CVSS2.6AI score0.00857EPSS
Exploits0
CVE
CVE
added 2012/10/31 7:0 p.m.70 views

CVE-2012-4940

CVE-2012-4940 describes directory traversal vulnerabilities in Axigen Mail Server’s View Log Files component, allowing unauthenticated (per CERT entry) or authenticated users to read or delete arbitrary files via dot-dot sequences in the fileName parameter (download, edit, or delete actions) to t...

6.4CVSS7AI score0.83632EPSS
Exploits3References2Affected Software1
Prion
Prion
added 2007/08/28 12:17 a.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in Ipswitch WSFTP allows remote attackers to inject arbitrary web script or HTML via arguments to a valid command, which is not properly handled when it is displayed by the view log option in the administration interface. NOTE: this can be leveraged to creat...

4.3CVSS6.1AI score0.01631EPSS
Exploits0References5
NVD
NVD
added 2004/12/31 5:0 a.m.20 views

CVE-2004-2070

The Altiris Client Service for Windows 5.6 SP1 Hotfix E 5.6.181 allows local users to execute arbitrary commands by opening the AClient tray icon and using the View Log File option, a different vulnerability than CVE-2005-1590...

7.2CVSS7.2AI score0.00454EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2003/10/06 12:0 a.m.23 views

easyfile12.txt

Vulnerabilities in Easy File Sharing Web Server 1.2 NEW. +-----------------------------+ Vendor: www.sharing-file.com Version: 1.2 new Date: Sep 22, 2003 Size: 2115KB Mini-description: "Easy File Sharing Web Server contains several built-in systems including HTTP Web Server,multi-threads database...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/08/02 12:0 a.m.20 views

Inso DynaWeb HTTPd 3.1/4.0.2/4.1 - Format String

// source: https://www.securityfocus.com/bid/5384/info Inso DynaWeb webserver, dwhttpd, is used as a subcomponent in products such as Sun's AnswerBook2, which is shipped as part of the Solaris operating environment. The dwhttpd webserver is prone to a remotely exploitable format-string...

7.4AI score
Exploits0
Rows per page
Query Builder