CVE-2025-52196

Server-Side Request Forgery SSRF vulnerability in Ctera Portal 8.1.x 8.1.1417.24 allows remote attackers to induce the server to make arbitrary HTTP requests via a crafted HTML file containing an iframe...

CVE-2025-52196

Server-Side Request Forgery SSRF vulnerability in Ctera Portal 8.1.x 8.1.1417.24 allows remote attackers to induce the server to make arbitrary HTTP requests via a crafted HTML file containing an iframe...

CVE-2025-52196

Server-Side Request Forgery SSRF vulnerability in Ctera Portal 8.1.x 8.1.1417.24 allows remote attackers to induce the server to make arbitrary HTTP requests via a crafted HTML file containing an iframe...

CTERA Portal 安全漏洞

CTERA Portal is an enterprise-grade cloud data management platform from CTERA. A security vulnerability exists in Ctera Portal version 8.1.x, which stems from improper handling of HTML files and could lead to server-side request forgery...

CVE-2025-52196

Server-Side Request Forgery SSRF vulnerability in Ctera Portal 8.1.x 8.1.1417.24 allows remote attackers to induce the server to make arbitrary HTTP requests via a crafted HTML file containing an iframe...

CVE-2025-52196

CVE-2025-52196 affects Ctera Portal 8.1.x (8.1.1417.24). It is a Server-Side Request Forgery (SSRF) where a crafted HTML file containing an iframe can cause the server to perform arbitrary HTTP requests. Root cause: improper handling of HTML iframe content in uploads. Impact per disclosures: pote...

CVE-2025-52196

Server-Side Request Forgery SSRF vulnerability in Ctera Portal 8.1.x 8.1.1417.24 allows remote attackers to induce the server to make arbitrary HTTP requests via a crafted HTML file containing an iframe...

PT-2025-51766

Name of the Vulnerable Software and Affected Versions Ctera Portal versions 8.1.x 8.1.1417.24 Description A Server-Side Request Forgery SSRF issue exists in Ctera Portal. This allows remote attackers to make arbitrary HTTP requests by providing a crafted HTML file containing an iframe. The...

EUVD-2013-2578

Malware in sbrugna...

CTERA 3.2.29.0 and 3.2.42.0 - Stored XSS

No description provided by source. 恶意用户可以修改项目文件夹描述进行XSS攻击和HTML注入（添加链接、图片和按钮等）。 因为项目文件夹时被不同用户共享，该漏洞可以用来抓取会话cookie。 创建一个项目文件夹并添加下面的描述（根据版本修改特定路径）：...

CTERA Cloud Storage OS项目文件夹描述脚本注入漏洞

CTERA Cloud Storage OS是一款云存储系统。 CTERA Cloud Storage OS不正确过滤项目文件夹中的描述字段数据，允许远程攻击者利用漏洞注入恶意脚本或HTML代码，当恶意数据被查看时，可获取敏感信息或劫持用户会话。 0 CTERA Cloud Storage OS 3.2.29.0 CTERA Cloud Storage OS 3.2.42.0 厂商补丁： CTERA ----- CTERA Cloud Storage OS 4.0.7已经修复该漏洞，建议用户下载更新：...

CVE-2013-2639

Cross-site scripting XSS vulnerability in CTERA Cloud Storage OS before 3.2.29.0, 3.2.42.0, and earlier allows remote attackers to inject arbitrary web script or HTML via the description in a project folder...

Cross site scripting

Cross-site scripting XSS vulnerability in CTERA Cloud Storage OS before 3.2.29.0, 3.2.42.0, and earlier allows remote attackers to inject arbitrary web script or HTML via the description in a project folder...

CVE-2013-2639

Cross-site scripting XSS vulnerability in CTERA Cloud Storage OS before 3.2.29.0, 3.2.42.0, and earlier allows remote attackers to inject arbitrary web script or HTML via the description in a project folder...

CVE-2013-2639

CTERA Cloud Storage OS is affected by a Stored XSS in the Project Folder description field. Vulnerable on versions prior to 3.2.29.0 and 3.2.42.0; successful exploitation allows remote attackers to inject arbitrary script/HTML (risk includes possible session data exposure as noted in public write...

CTERA 3.2.29.0 and 3.2.42.0 - Stored XSS

Exploit for php platform in category web applications OVERVIEW Standard Ctera User can define a particular “description” for a ProjectFolder that cause javascript code execution and HTML injection. INTRODUCTION CTERA Networks http://www.ctera.combridges the gap between cloud storage and local...

CTERA 3.2.29.0/3.2.42.0 - Persistent Cross-Site Scripting

Exploit Title: CTERA Project Folders - Stored XSS Date: 11-Mar-2013 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.ctera.com Version: 3.2.29.0 and 3.2.42.0 Tested on: ctera os CVE : CVE-2013-2639 OVERVIEW Standard Ctera User can define a particular “description” for a ProjectFolder tha...

CTERA 3.2.29.03.2.42.0 - Persistent Cross-Site Scripting

CTERA 3.2.29.03.2.42.0 - Persistent Cross-Site Scripting Exploit Title: CTERA Project Folders - Stored XSS Date: 11-Mar-2013 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.ctera.com Version: 3.2.29.0 and 3.2.42.0 Tested on: ctera os CVE : CVE-2013-2639 OVERVIEW Standard Ctera User...

SEC Consult SA-20130605-0 :: Multiple vulnerabilities in CTERA Portal

SEC Consult Vulnerability Lab Security Advisory 20130605-0 ======================================================================= title: Multiple vulnerabilities in CTERA Portal product: CTERA Portal vulnerable version: 3.1 fixed version: 3.2 impact: Critical homepage: http://www.ctera.com found...