Lucene search
K

4 matches found

Cvelist
Cvelist
added 2025/10/05 3:32 a.m.10 views

CVE-2025-11280 Frappe LMS Assignment Picture files direct request

A flaw has been found in Frappe LMS 2.35.0. Impacted is an unknown function of the file /files/ of the component Assignment Picture Handler. This manipulation causes direct request. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitability is considered...

6.3CVSS0.00445EPSS
Exploits1References5
CVE
CVE
added 2025/10/05 3:32 a.m.13 views

CVE-2025-11280

The CVE-2025-11280 vulnerability affects Frappe LMS 2.35.0, in the Assignment Picture Handler component’s /files/ area. It enables a remote, high-complexity manipulation of a direct request, with exploitability rated as difficult and the exploit published. Upgrade the affected component as remedi...

6.3CVSS6.1AI score0.00445EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2005/12/05 12:0 a.m.6 views

PT-2005-4742 · Sapid · Sapid Cms

Name of the Vulnerable Software and Affected Versions: SAPID CMS versions prior to 1.2.3.03 Description: The issue allows remote attackers to bypass authentication by making direct requests to certain files, including insert file.php, insert image.php, insert link.php, insert qcfile.php, and...

7.5CVSS7AI score0.0181EPSS
Exploits0References7
NVD
NVD
added 2004/12/31 5:0 a.m.13 views

CVE-2004-1571

AJ-Fork 167 allows remote attackers to gain sensitive information via a direct request to 1 auto-acronyms.php, 2 auto-archive.php, 3 ount-article-views.php, 4 kses.php, 5 custom-quick-tags.php, 6 disable-all-comments.php, 7 easy-date-format.php, 8 enable-disable-comments.php, 9...

5CVSS6.5AI score0.0155EPSS
Exploits1References3
Rows per page
Query Builder