Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2025/05/22 11:18 p.m.12 views

CVE-2025-5007

A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...

5.1CVSS6.5AI score0.00269EPSS
Exploits0References1
nvd
nvd
added 2025/05/20 11:15 p.m.34 views

CVE-2025-5007

A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...

5.1CVSS0.00269EPSS
Exploits0References6
cvelist
cvelist
added 2025/05/20 11:0 p.m.40 views

CVE-2025-5007 Part-DB Profile Picture Feature AttachmentSubmitHandler.php handleUpload cross site scripting

A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...

5.1CVSS0.00269EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2025/05/20 11:0 p.m.9 views

CVE-2025-5007 Part-DB Profile Picture Feature AttachmentSubmitHandler.php handleUpload cross site scripting

A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...

5.1CVSS3.8AI score0.00269EPSS
Exploits0References6
cve
cve
added 2025/05/20 11:0 p.m.53 views

CVE-2025-5007

Part-DB up to 1.17.0 exposes a cross-site scripting (XSS) vulnerability in the Profile Picture Feature. The issue lies in handleUpload (src/Services/Attachments/AttachmentSubmitHandler.php) where the attachment argument can be manipulated to inject scripts. It can be exploited remotely and an exp...

5.1CVSS3.9AI score0.00269EPSS
Exploits0References6
osv
osv
added 2025/05/20 11:0 p.m.12 views

CVE-2025-5007 Part-DB Profile Picture Feature AttachmentSubmitHandler.php handleUpload cross site scripting

A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...

5.1CVSS3.7AI score0.00269EPSS
Exploits0References8
Rows per page
Query Builder