Lucene search
K

25 matches found

CNNVD
CNNVD
added 2021/10/05 12:0 a.m.6 views

Afian FileRun 跨站脚本漏洞

Afian FileRun is a full-featured web-based file manager. Afian FileRun 2021.03.26 A cross-site scripting vulnerability can be exploited by an attacker to cause an administrator to encounter a crafted document while performing a preview or editing operation using an HTML editor...

6.1CVSS6AI score0.00712EPSS
Exploits1References3
OSV
OSV
added 2021/07/31 5:15 p.m.5 views

CVE-2020-26564

ObjectPlanet Opinio before 7.15 allows XXE attacks via three steps: modify a .css file to have !ENTITY content, create a .xml file for a generic survey template containing a link to this .css file, and import this .xml file at the survey/admin/folderSurvey.do?action=viewImportSurvey'importFile'...

6.5CVSS5.8AI score0.01121EPSS
Exploits5References2
CVE
CVE
added 2012/10/09 3:0 p.m.44 views

CVE-2011-5210

CVE-2011-5210 affects Limny 3.0.0, where a directory traversal is possible in admin/preview.php via the theme parameter (encoded ..%2F) to read arbitrary files. Multiple sources (NVD, OpenVAS) confirm the vulnerability and link to Limny 3.0.0 players; OpenVAS describes it as a global directory tr...

6.8CVSS6.8AI score0.0158EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2012/10/09 3:0 p.m.21 views

CVE-2011-5210

Directory traversal vulnerability in admin/preview.php in Limny 3.0.0 allows remote attackers to read arbitrary files via a ..%2F encoded dot dot slash in the theme parameter...

6.6AI score0.0158EPSS
Exploits1References5
Prion
Prion
added 2012/08/26 8:55 p.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in apps/admin/handlers/preview.php in Elefant CMS 1.0.x before 1.0.2-Beta and 1.1.x before 1.1.5-Beta allow remote attackers to inject arbitrary web script or HTML via the 1 title or 2 body parameter to admin/preview...

4.3CVSS6.1AI score0.01284EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder