Lucene search
K

33 matches found

Cvelist
Cvelist
added 2024/11/20 8:37 a.m.14 views

CVE-2024-10126 Local file inclusion vulnerability in M-Files Server

Local File Inclusion vulnerability in M-Files Server in versions before 24.11 excluding 24.8 SR1, 24.2 SR3 and 23.8 SR7 allows an authenticated user to read server local files of a limited set of filetypes via document preview...

5.3CVSS0.00374EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/11/08 4:23 p.m.6 views

WordPress RSV PDF Preview plugin <= 1.0 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin RSV PDF Preview versions = 1.0...

6.5CVSS5.8AI score0.00302EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/18 12:0 a.m.3 views

PT-2024-25166 · Unknown · Ferozo Webmail

Name of the Vulnerable Software and Affected Versions: Ferozo Email version 1.1 Description: A Cross Site Scripting issue allows a local attacker to execute arbitrary code via a crafted payload to the PDF preview component. This enables the attacker to perform actions on the affected system...

5.4CVSS7.4AI score0.00421EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/10/18 12:0 a.m.6 views

PT-2024-16048 · M Files · M-Files Server

Name of the Vulnerable Software and Affected Versions: M-Files Server versions prior to 24.11 Description: A Local File Inclusion issue allows an authenticated user to read server local files of a limited set of filetypes via document preview. Recommendations: For versions prior to 24.11, update ...

5.3CVSS6.9AI score0.00374EPSS
Exploits0References13
OSV
OSV
added 2024/07/19 9:15 a.m.6 views

CVE-2024-39457

Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser...

5.4CVSS5.7AI score0.00249EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2024/03/12 12:0 a.m.49 views

Description of Security Update 5 for Exchange Server 2019: March 12, 2024 (KB5036402)

Description of Security Update 5 for Exchange Server 2019: March 12, 2024 KB5036402 This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures CVE and security advisory:...

8.8CVSS9.6AI score0.0682EPSS
Exploits0
CNNVD
CNNVD
added 2022/11/23 12:0 a.m.6 views

Maarch RM 授权问题漏洞

Maarch RM is an electronic filing system from Maarch. Streamline your certification processes, scientific and technical control in an efficient and optimized way. An information disclosure vulnerability exists in Maarch RM 2.8 and later, versions prior to 2.8.6, and 2.9. The vulnerability stems...

5.3CVSS6.2AI score0.00516EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/11/22 12:0 a.m.4 views

PT-2022-24064 · Maarch Rm · Maarch Rm

Name of the Vulnerable Software and Affected Versions: Maarch RM version 2.8.3 Description: The issue concerns a broken access control vulnerability. When accessing specific documents, such as PDFs or emails, from an archive, the application proposes a preview. This preview generates a URL that...

5.3CVSS7.5AI score0.00516EPSS
Exploits0References6
Patchstack
Patchstack
added 2022/04/11 12:0 a.m.9 views

WordPress Woo Document Preview plugin <= 1.3.0 - Arbitrary Plugin Installation, Activation and Deactivation vulnerability

Arbitrary Plugin Installation, Activation and Deactivation vulnerability discovered by Mary JJ Jay in WordPress Woo Document Preview plugin versions = 1.3.0. Solution Update the WordPress Woo Document Preview plugin to the latest available version at least 1.4.0...

3.5AI score
Exploits0References2Affected Software1
CNVD
CNVD
added 2021/07/28 12:0 a.m.68 views

Command Execution Vulnerability in I Doc View Online Document Preview System

I Doc View Online Document Preview is an online document preview system. A command execution vulnerability exists in I Doc View Online Document Preview that can be exploited by an attacker to execute arbitrary commands...

7.8AI score
Exploits0
CNVD
CNVD
added 2020/11/19 12:0 a.m.3 views

SuiteCRM Cross-Site Scripting Vulnerability (CNVD-2020-66583)

SuiteCRM is a free open source customer relationship management application. A stored cross-site scripting vulnerability exists in the Document Preview feature of SuiteCRM 7.11.13. A remote authenticated attacker can exploit this vulnerability to inject arbitrary web script or HTML...

5.4CVSS5.9AI score0.00636EPSS
Exploits0References1
CNNVD
CNNVD
added 2020/11/18 12:0 a.m.9 views

SuiteCRM 跨站脚本漏洞

SuiteCRM is a free open source customer relationship management application. A stored cross-site scripting vulnerability exists in the Document Preview feature of SuiteCRM 7.11.13. A remote authenticated attacker can exploit this vulnerability to inject arbitrary web script or HTML...

5.4CVSS6AI score0.00636EPSS
Exploits0References2
Hacker One
Hacker One
added 2018/01/14 8:29 a.m.26 views

Mail.ru: XSS ( Работа с письмами )

Заходим в почту. 2. Настройки - Работа с письмами. Получаем GET запросом входящие параметры...

0.4AI score
Exploits0
Rows per page
Query Builder