Lucene search
+L

27 matches found

osv
osv
added 2026/06/28 12:17 p.m.4 views

UBUNTU-CVE-2026-13490

A security vulnerability has been detected in glpi-project glpi 11.0.5/11.0.6/11.0.7. This affects the function Document::canViewFile of the file front/document.send.php of the component Document Handler. Such manipulation of the argument docid leads to authorization bypass. The attack can be...

6.3CVSS5.4AI score0.00309EPSS
Exploits0References6
euvd
euvd
added 2026/06/28 11:0 a.m.8 views

EUVD-2026-39990

A security vulnerability has been detected in glpi-project glpi 11.0.5/11.0.6/11.0.7. This affects the function Document::canViewFile of the file front/document.send.php of the component Document Handler. Such manipulation of the argument docid leads to authorization bypass. The attack can be...

6.3CVSS5.4AI score0.00309EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/06/28 11:0 a.m.10 views

CVE-2026-13490

A security vulnerability has been detected in glpi-project glpi 11.0.5/11.0.6/11.0.7. This affects the function Document::canViewFile of the file front/document.send.php of the component Document Handler. Such manipulation of the argument docid leads to authorization bypass. The attack can be...

6.3CVSS5.4AI score0.00309EPSS
Exploits0References5Affected Software1
cve
cve
added 2026/06/28 11:0 a.m.27 views

CVE-2026-13490

The CVE concerns glpi-project glpi versions 11.0.5/11.0.6/11.0.7. It affects the Document Handler, specifically Document::canViewFile in front/document.send.php. Manipulating the docid argument can bypass authorization, enabling a remote attack. The description notes high complexity and that expl...

6.3CVSS5.4AI score0.00309EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/28 12:0 a.m.12 views

PT-2026-53103

Name of the Vulnerable Software and Affected Versions glpi-project glpi versions 11.0.5 through 11.0.7 Description An authorization bypass exists in the Document Handler component within the file 'front/document.send.php'. The issue occurs in the Document::canViewFile function when processing the...

6.3CVSS5.9AI score0.00309EPSS
Exploits0References10
vulnrichment
vulnrichment
added 2026/04/28 2:30 a.m.2 views

CVE-2026-7217 Deepractice PromptX Document File index.ts read_pdf absolute path traversal

A security vulnerability has been detected in Deepractice PromptX up to 2.4.0. The affected element is the function readdocx/readxlsx/readpptx/listxlsxsheets/readpdf of the file packages/mcp-office/src/index.ts of the component Document File Handler. Such manipulation of the argument path leads t...

6.9CVSS5.4AI score0.0044EPSS
Exploits0References5
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-9727

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00579EPSS
Exploits1References5
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-7510

Malicious code in bioql PyPI...

5.3CVSS4.9AI score0.0032EPSS
Exploits0References4
redhatcve
redhatcve
added 2025/05/23 7:36 a.m.6 views

CVE-2024-4327

A vulnerability was found in Apryse WebViewer up to 10.8.0. It has been classified as problematic. This affects an unknown part of the component PDF Document Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to...

4CVSS6.1AI score0.00453EPSS
Exploits0
redhatcve
redhatcve
added 2025/04/06 11:30 a.m.22 views

CVE-2025-3241

A vulnerability, which was classified as problematic, was found in zhangyanbo2007 youkefu up to 4.2.0. This affects an unknown part of the file src/main/java/com/ukefu/webim/web/handler/admin/callcenter/CallCenterRouterController.java of the component XML Document Handler. The manipulation of the...

6.5CVSS7AI score0.00579EPSS
Exploits1References1
nvd
nvd
added 2025/04/04 11:15 a.m.27 views

CVE-2025-3241

A vulnerability, which was classified as problematic, was found in zhangyanbo2007 youkefu up to 4.2.0. This affects an unknown part of the file src/main/java/com/ukefu/webim/web/handler/admin/callcenter/CallCenterRouterController.java of the component XML Document Handler. The manipulation of the...

9.8CVSS0.00579EPSS
Exploits1References4
vulnrichment
vulnrichment
added 2025/04/04 11:0 a.m.9 views

CVE-2025-3241 zhangyanbo2007 youkefu XML Document CallCenterRouterController.java xml external entity reference

A vulnerability, which was classified as problematic, was found in zhangyanbo2007 youkefu up to 4.2.0. This affects an unknown part of the file src/main/java/com/ukefu/webim/web/handler/admin/callcenter/CallCenterRouterController.java of the component XML Document Handler. The manipulation of the...

6.5CVSS7.2AI score0.00579EPSS
Exploits1References4
cve
cve
added 2025/04/04 11:0 a.m.67 views

CVE-2025-3241

The CVE-2025-3241 entry concerns youkefu (zhangyanbo2007) up to version 4.2.0, focusing on the XML Document Handler’s CallCenterRouterController.java. The root cause is manipulation of the routercontent argument triggering an XML External Entity (XXE) reference, enabling remote initiation of an a...

9.8CVSS6.4AI score0.00579EPSS
Exploits1References4Affected Software1
ptsecurity
ptsecurity
added 2025/04/04 12:0 a.m.10 views

PT-2025-14881 · Youkefu · Youkefu

Name of the Vulnerable Software and Affected Versions: zhangyanbo2007 youkefu versions up to 4.2.0 Description: A problematic issue was found in the XML Document Handler component, specifically affecting the CallCenterRouterController.java file. The manipulation of the routercontent argument lead...

6.5CVSS6.2AI score0.00579EPSS
Exploits1References9
redhatcve
redhatcve
added 2025/03/12 11:30 a.m.13 views

CVE-2025-2125

A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovantemarcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of...

5.3CVSS7.3AI score0.0032EPSS
Exploits0References1
nvd
nvd
added 2025/03/09 4:15 p.m.34 views

CVE-2025-2125

A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovantemarcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of...

5.3CVSS0.0032EPSS
Exploits0References4
osv
osv
added 2025/03/09 4:15 p.m.13 views

CVE-2025-2125

A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovantemarcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of...

4.3CVSS4.9AI score0.0032EPSS
Exploits0References4
cvelist
cvelist
added 2025/03/09 4:0 p.m.39 views

CVE-2025-2125 Control iD RH iD PDF Document companyId resource injection

A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovantemarcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of...

5.3CVSS0.0032EPSS
Exploits0References4
cve
cve
added 2025/03/09 4:0 p.m.70 views

CVE-2025-2125

CVE-2025-2125 affects Control iD RH iD 25.2.25.0, specifically the PDF Document Handler. The vulnerability lies in the handling of the parameter nsr for the endpoint /v2/report.svc/comprovante_marcacao/?companyId=1, causing improper control of resource identifiers. The issue is exploitable remote...

5.3CVSS4.9AI score0.0032EPSS
Exploits0References4Affected Software1
vulnrichment
vulnrichment
added 2025/03/09 4:0 p.m.6 views

CVE-2025-2125 Control iD RH iD PDF Document companyId resource injection

A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovantemarcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of...

5.3CVSS7.3AI score0.0032EPSS
Exploits0References4
Rows per page
Query Builder