7 matches found
CVE-2026-33955 Notesnook vulnerable to RCE via stored XSS in Note History diff viewer
Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop, a cross-site scripting vulnerability stored in the note history comparison viewer can escalate to remote code execution in a desktop application. The issue is triggered when an attacker-controlled note header is displayed usi...
CVE-2026-33955 Notesnook vulnerable to RCE via stored XSS in Note History diff viewer
Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop, a cross-site scripting vulnerability stored in the note history comparison viewer can escalate to remote code execution in a desktop application. The issue is triggered when an attacker-controlled note header is displayed usi...
EUVD-2026-16872
Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop, a cross-site scripting vulnerability stored in the note history comparison viewer can escalate to remote code execution in a desktop application. The issue is triggered when an attacker-controlled note header is displayed usi...
PT-2023-29933 · Squidex · Squidex
Name of the Vulnerable Software and Affected Versions: Squidex versions affected versions not specified Description: The issue concerns an arbitrary file write vulnerability in the backup restore feature of Squidex, allowing an authenticated attacker with the squidex.admin.restore permission to...
CVE-2022-0921
Abusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber prior to 1.2.12...
CVE-2022-0921 Abusing Backup/Restore feature to achieve Remote Code Execution in microweber/microweber
Abusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber prior to 1.2.12...
IDenticard PremiSys (Update A)
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit/vulnerability details have been publicly disclosed Vendor: IDenticard Equipment: PremiSys Vulnerabilities: Use of Hard-coded Credentials, Use of Hard-coded Password, Inadequate Encryption Strength 2...