Lucene search
K

1336 matches found

CNNVD
CNNVD
added 2025/12/18 12:0 a.m.6 views

linkding 安全漏洞

linkding is a bookmark manager that can be self-hosted by the individual developer Sascha Ißbrücker. A security vulnerability exists in linkding that stems from the file upload feature in the bookmarks and asset rendering pipeline that allows the upload of malicious SVG files containing JavaScrip...

8.2CVSS6.7AI score0.00256EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/17 11:35 p.m.8 views

EUVD-2025-204004

A vulnerability in the file upload at bookmark + asset rendering pipeline allows an attacker to upload a malicious SVG file with JavaScript content. When an authenticated admin user views the SVG file with embedded JavaScript code of shared bookmark, JavaScript executes in the admin’s browser,...

8.2CVSS6.6AI score0.00256EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/17 11:35 p.m.3 views

CVE-2025-14202 Cross-Site Request Forgery (CSRF) Leading to Account Takeover via SVG File Upload

A vulnerability in the file upload at bookmark + asset rendering pipeline allows an attacker to upload a malicious SVG file with JavaScript content. When an authenticated admin user views the SVG file with embedded JavaScript code of shared bookmark, JavaScript executes in the admin’s browser,...

8.2CVSS6.7AI score0.00256EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2025/12/03 12:0 a.m.150 views

📄 phpIPAM 1.5.1 SQL Injection

phpIPAM version 1.5.1 suffers from a remote SQL injection vulnerability. Exploit Title: phpIPAM 1.5.1 - SQL Injection Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/phpipam/phpipam/ Software Link: https://github.com/phpipam/phpipam/ Version: 1.5.1 Tested on: Windo...

7.2CVSS8.2AI score0.0305EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/12/02 12:0 a.m.180 views

phpIPAM 1.5.1 - SQL Injection

Exploit Title: phpIPAM 1.5.1 - SQL Injection Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/phpipam/phpipam/ Software Link: https://github.com/phpipam/phpipam/ Version: 1.5.1 Tested on: Windows CVE : CVE-2023-1211 Proof Of Concept POST...

7.2CVSS7AI score0.0305EPSS
Exploits3
CVE
CVE
added 2025/11/15 8:3 a.m.45 views

CVE-2025-11990

GitLab CVE-2025-11990 affects GitLab EE with affected versions 18.4 before 18.4.4 and 18.5 before 18.5.2. The issue arises from improper input validation in repository references combined with redirect handling weaknesses, enabling an authenticated user to obtain CSRF tokens. Remediation per conn...

3.5CVSS6.5AI score0.00263EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/11/15 12:0 a.m.4 views

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab EE versions 18.4 before 18.4.4 and...

3.5CVSS6.6AI score0.00263EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/10/28 3:59 p.m.5 views

CVE-2025-34133

Wimi Teamwork versions prior to 7.38.17 contains a cross-site request forgery CSRF vulnerability in its API. The API accepts any authenticated request that contains a JSON field named 'csrftoken' without validating the field’s value; only the presence of the field is checked. An attacker can craf...

7CVSS7.1AI score0.00231EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/09 12:0 a.m.7 views

PT-2025-41330

Name of the Vulnerable Software and Affected Versions WP Go Maps plugin for WordPress versions prior to 9.0.46 Description The WP Go Maps plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF. The plugin exposes state-changing REST actions through an AJAX bridge without appropria...

5.4CVSS6.4AI score0.00179EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-6744

Malware in sbrugna...

8.8CVSS8.7AI score0.02045EPSS
Exploits4References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-3451

Malware in sbrugna...

6.5CVSS6.6AI score0.00702EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-8652

Malware in sbrugna...

7.6CVSS6.2AI score0.00878EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-0170

Malware in sbrugna...

5.9CVSS7.1AI score0.02489EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-18663

Malware in sbrugna...

5.8CVSS5.6AI score0.00355EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-20516

Malware in sbrugna...

8.8CVSS8.8AI score0.02354EPSS
Exploits5References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-17833

Malware in sbrugna...

6.5CVSS6.6AI score0.00508EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-22133

Malware in sbrugna...

8.1CVSS8AI score0.00854EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-14274

Malware in sbrugna...

7.6CVSS7.9AI score0.00665EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-6501

Malware in sbrugna...

6.5CVSS6.5AI score0.00615EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-7761

Malware in sbrugna...

8.8CVSS8.6AI score0.02048EPSS
Exploits0References4
Rows per page
Query Builder