Lucene search
+L

35 matches found

RedhatCVE
RedhatCVE
added 2025/12/17 12:55 a.m.14 views

CVE-2025-63414

A Path Traversal vulnerability in the Allsky WebUI version v2024.12.0606 allows an unauthenticated remote attacker to achieve arbitrary command execution. By sending a crafted HTTP request to the /html/execute.php endpoint with a malicious payload in the id parameter, an attacker can execute...

10CVSS8.9AI score0.01652EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/16 6:31 p.m.6 views

EUVD-2025-203804

A Path Traversal vulnerability in the Allsky WebUI version v2024.12.0606 allows an unauthenticated remote attacker to achieve arbitrary command execution. By sending a crafted HTTP request to the /html/execute.php endpoint with a malicious payload in the id parameter, an attacker can execute...

10CVSS8.4AI score0.01652EPSS
Exploits1References4
NVD
NVD
added 2025/12/16 5:16 p.m.5 views

CVE-2025-63414

A Path Traversal vulnerability in the Allsky WebUI version v2024.12.0606 allows an unauthenticated remote attacker to achieve arbitrary command execution. By sending a crafted HTTP request to the /html/execute.php endpoint with a malicious payload in the id parameter, an attacker can execute...

10CVSS0.01652EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/12/16 12:0 a.m.34 views

CVE-2025-63414

A Path Traversal vulnerability in the Allsky WebUI version v2024.12.0606 allows an unauthenticated remote attacker to achieve arbitrary command execution. By sending a crafted HTTP request to the /html/execute.php endpoint with a malicious payload in the id parameter, an attacker can execute...

0.01652EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/16 12:0 a.m.3 views

CVE-2025-63414

A Path Traversal vulnerability in the Allsky WebUI version v2024.12.0606 allows an unauthenticated remote attacker to achieve arbitrary command execution. By sending a crafted HTTP request to the /html/execute.php endpoint with a malicious payload in the id parameter, an attacker can execute...

8.5AI score0.01652EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.6 views

Allsky Camera 安全漏洞

Allsky Camera is an Allsky open source camera system for photographing and monitoring the entire sky. A security vulnerability exists in Allsky Camera version v2024.12.0606, which originates from path traversal and could lead to arbitrary command execution...

10CVSS7.1AI score0.01652EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.6 views

PT-2025-51740

Name of the Vulnerable Software and Affected Versions Allsky WebUI version v2024.12.06 06 Description A path traversal flaw exists in Allsky WebUI version v2024.12.06 06 that permits an unauthenticated remote attacker to execute commands on the system. This is achieved by submitting a specially...

10CVSS8.4AI score0.01652EPSS
Exploits1References9
CVE
CVE
added 2025/12/16 12:0 a.m.22 views

CVE-2025-63414

CVE-2025-63414 describes a Path Traversal in Allsky WebUI v2024.12.06_06 that allows unauthenticated remote command execution via /html/execute.php with a crafted id payload, leading to full remote code execution. The issue is confirmed across multiple sources (Red Hat CVE entry, EUVD/ENISA entry...

10CVSS8.5AI score0.01652EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2025/12/16 12:0 a.m.6 views

CVE-2025-63414

A Path Traversal vulnerability in the Allsky WebUI version v2024.12.0606 allows an unauthenticated remote attacker to achieve arbitrary command execution. By sending a crafted HTTP request to the /html/execute.php endpoint with a malicious payload in the id parameter, an attacker can execute...

10CVSS8.8AI score0.01652EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/12/10 1:35 a.m.5 views

CVE-2025-65573

Cross Site Request Forgery CSRF vulnerability in AllskyTeam AllSky v2024.12.0606 allows remote attackers to cause a denial of service via function handleinterfacePOSTandstatus...

8.8CVSS6.7AI score0.00283EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/10 1:35 a.m.3 views

CVE-2025-65572

Cross Site Scripting XSS vulnerability in AllskyTeam AllSky v2024.12.0606 allows remote attackers to execute arbitrary code via the 1 config, 2 filename, or 3 extratext parameter to allskySettings.php. When the page is reloaded or when user visits allskySettings.php, the showMessages function in...

6.1CVSS6.7AI score0.00357EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/09 9:31 p.m.5 views

EUVD-2025-202322

Cross Site Request Forgery CSRF vulnerability in AllskyTeam AllSky v2024.12.0606 allows remote attackers to cause a denial of service via function handleinterfacePOSTandstatus...

6.2AI score0.00283EPSS
Exploits1References6
EUVD
EUVD
added 2025/12/09 9:31 p.m.5 views

EUVD-2025-202320

Cross Site Scripting XSS vulnerability in AllskyTeam AllSky v2024.12.0606 allows remote attackers to execute arbitrary code via the 1 config, 2 filename, or 3 extratext parameter to allskySettings.php. When the page is reloaded or when user visits allskySettings.php, the showMessages function in...

6.2AI score0.00357EPSS
Exploits1References5
NVD
NVD
added 2025/12/09 7:15 p.m.5 views

CVE-2025-65572

Cross Site Scripting XSS vulnerability in AllskyTeam AllSky v2024.12.0606 allows remote attackers to execute arbitrary code via the 1 config, 2 filename, or 3 extratext parameter to allskySettings.php. When the page is reloaded or when user visits allskySettings.php, the showMessages function in...

6.1CVSS0.00357EPSS
Exploits1References4
NVD
NVD
added 2025/12/09 7:15 p.m.5 views

CVE-2025-65573

Cross Site Request Forgery CSRF vulnerability in AllskyTeam AllSky v2024.12.0606 allows remote attackers to cause a denial of service via function handleinterfacePOSTandstatus...

8.8CVSS0.00283EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.3 views

PT-2025-50214

Name of the Vulnerable Software and Affected Versions AllskyTeam AllSky version 2024.12.06 06 Description A Cross Site Scripting XSS issue exists in AllskyTeam AllSky version 2024.12.06 06. This allows remote attackers to execute arbitrary code through the config, filename, or extratext parameter...

6.1CVSS6.5AI score0.00357EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.5 views

Allsky Camera 安全漏洞

Allsky Camera is an Allsky open source camera system for photographing and monitoring the entire sky. A security vulnerability exists in Allsky Camera version v2024.12.0606, which stems from cross-site request forgery and could lead to a denial of service...

8.8CVSS6.6AI score0.00283EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.3 views

Allsky Camera 安全漏洞

Allsky Camera is an Allsky open source camera system for photographing and monitoring the entire sky. A security vulnerability exists in Allsky Camera version v2024.12.0606, which originates from cross-site scripting and could lead to the execution of arbitrary code...

6.1CVSS6.3AI score0.00357EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.4 views

PT-2025-50210

Name of the Vulnerable Software and Affected Versions AllskyTeam AllSky version 2024.12.06 06 Description A Cross Site Request Forgery CSRF issue exists in AllskyTeam AllSky version 2024.12.06 06. This allows remote attackers to potentially cause a denial of service by exploiting the handle...

8.8CVSS6.6AI score0.00283EPSS
Exploits1References7
Cvelist
Cvelist
added 2025/12/09 12:0 a.m.28 views

CVE-2025-65573

Cross Site Request Forgery CSRF vulnerability in AllskyTeam AllSky v2024.12.0606 allows remote attackers to cause a denial of service via function handleinterfacePOSTandstatus...

0.00283EPSS
Exploits1References5
Rows per page
Query Builder