Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:18 p.m.12 views

CVE-2025-5007

A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...

5.1CVSS6.5AI score0.00269EPSS
Exploits0References1
NVD
NVD
added 2025/05/20 11:15 p.m.34 views

CVE-2025-5007

A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...

5.1CVSS0.00269EPSS
Exploits0References6
CVE
CVE
added 2025/05/20 11:0 p.m.54 views

CVE-2025-5007

Part-DB up to 1.17.0 exposes a cross-site scripting (XSS) vulnerability in the Profile Picture Feature. The issue lies in handleUpload (src/Services/Attachments/AttachmentSubmitHandler.php) where the attachment argument can be manipulated to inject scripts. It can be exploited remotely and an exp...

5.1CVSS3.9AI score0.00269EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/05/20 11:0 p.m.40 views

CVE-2025-5007 Part-DB Profile Picture Feature AttachmentSubmitHandler.php handleUpload cross site scripting

A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...

5.1CVSS0.00269EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/05/20 11:0 p.m.9 views

CVE-2025-5007 Part-DB Profile Picture Feature AttachmentSubmitHandler.php handleUpload cross site scripting

A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...

5.1CVSS3.8AI score0.00269EPSS
Exploits0References6
OSV
OSV
added 2025/05/20 11:0 p.m.12 views

CVE-2025-5007 Part-DB Profile Picture Feature AttachmentSubmitHandler.php handleUpload cross site scripting

A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...

5.1CVSS3.7AI score0.00269EPSS
Exploits0References8
Rows per page
Query Builder