Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
โ€ขadded 2025/11/17 7:3 a.m.โ€ข12 views

CVE-2025-13185

A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an unknown function of the file /admin/dashboard/profile. The manipulation of the argument profileimage/bannerimage results in unrestricted upload. The attack can be launched remotely. The exploit has been...

7.2CVSS6.5AI score0.00061EPSS
Exploits1References1
NVD
NVD
โ€ขadded 2025/11/14 9:15 p.m.โ€ข3 views

CVE-2025-13185

A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an unknown function of the file /admin/dashboard/profile. The manipulation of the argument profileimage/bannerimage results in unrestricted upload. The attack can be launched remotely. The exploit has been...

7.2CVSS0.00061EPSS
Exploits1References4
OSV
OSV
โ€ขadded 2025/11/14 9:15 p.m.โ€ข1 views

CVE-2025-13185

A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an unknown function of the file /admin/dashboard/profile. The manipulation of the argument profileimage/bannerimage results in unrestricted upload. The attack can be launched remotely. The exploit has been...

7.2CVSS5.5AI score
Exploits0References4
EUVD
EUVD
โ€ขadded 2025/11/14 9:2 p.m.โ€ข4 views

EUVD-2025-197658

A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an unknown function of the file /admin/dashboard/profile. The manipulation of the argument profileimage/bannerimage results in unrestricted upload. The attack can be launched remotely. The exploit has been...

5.8CVSS6.2AI score0.00061EPSS
Exploits1References5
CNNVD
CNNVD
โ€ขadded 2025/11/14 12:0 a.m.โ€ข1 views

Bdtask News365 ไปฃ็ ้—ฎ้ข˜ๆผๆดž

Bdtask News365 is a web magazine software from Bdtask Bangladesh. A code issue vulnerability exists in Bdtask News365 7.0.3 and earlier versions, which stems from incorrect manipulation of the parameters profileimage/bannerimage in the file /admin/dashboard/profile, which may result in unlimited...

7.2CVSS5AI score0.00061EPSS
Exploits1References4
Cvelist
Cvelist
โ€ขadded 2025/10/07 11:13 p.m.โ€ข7 views

CVE-2025-61997 OPEXUS FOIAXpress stored XSS via banner image

OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Enterprise Banner image upload field. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the...

4.8CVSS0.0003EPSS
Exploits0References3
Cvelist
Cvelist
โ€ขadded 2022/11/14 12:0 a.m.โ€ข15 views

CVE-2022-3992 SourceCodester Sanitization Management System Banner Image cross site scripting

A vulnerability classified as problematic was found in SourceCodester Sanitization Management System. Affected by this vulnerability is an unknown functionality of the file admin/?page=systeminfo of the component Banner Image Handler. The manipulation leads to cross site scripting. The attack can...

2.4CVSS6.2AI score0.00218EPSS
Exploits0References1
Exploit DB
Exploit DB
โ€ขadded 2021/01/25 12:0 a.m.โ€ข407 views

MyBB Timeline Plugin 1.0 - Persistent Cross-Site Scripting

Exploit Title: MyBB Timeline Plugin 1.0 - Cross-Site Scripting / CSRF Date: 1/21/2021 Author: 0xB9 Software Link: https://community.mybb.com/mods.php?action=view&pid=1428 Version: 1.0 Tested on: Windows 10 1. Description: MyBB Timeline replaces the default MyBB user profile. This introduces...

7.4AI score
Exploits0
Rows per page
Query Builder