33 matches found
CVE-2024-10126 Local file inclusion vulnerability in M-Files Server
Local File Inclusion vulnerability in M-Files Server in versions before 24.11 excluding 24.8 SR1, 24.2 SR3 and 23.8 SR7 allows an authenticated user to read server local files of a limited set of filetypes via document preview...
WordPress RSV PDF Preview plugin <= 1.0 - Stored Cross Site Scripting (XSS) vulnerability
Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin RSV PDF Preview versions = 1.0...
PT-2024-25166 · Unknown · Ferozo Webmail
Name of the Vulnerable Software and Affected Versions: Ferozo Email version 1.1 Description: A Cross Site Scripting issue allows a local attacker to execute arbitrary code via a crafted payload to the PDF preview component. This enables the attacker to perform actions on the affected system...
PT-2024-16048 · M Files · M-Files Server
Name of the Vulnerable Software and Affected Versions: M-Files Server versions prior to 24.11 Description: A Local File Inclusion issue allows an authenticated user to read server local files of a limited set of filetypes via document preview. Recommendations: For versions prior to 24.11, update ...
CVE-2024-39457
Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser...
Description of Security Update 5 for Exchange Server 2019: March 12, 2024 (KB5036402)
Description of Security Update 5 for Exchange Server 2019: March 12, 2024 KB5036402 This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures CVE and security advisory:...
Maarch RM 授权问题漏洞
Maarch RM is an electronic filing system from Maarch. Streamline your certification processes, scientific and technical control in an efficient and optimized way. An information disclosure vulnerability exists in Maarch RM 2.8 and later, versions prior to 2.8.6, and 2.9. The vulnerability stems...
PT-2022-24064 · Maarch Rm · Maarch Rm
Name of the Vulnerable Software and Affected Versions: Maarch RM version 2.8.3 Description: The issue concerns a broken access control vulnerability. When accessing specific documents, such as PDFs or emails, from an archive, the application proposes a preview. This preview generates a URL that...
WordPress Woo Document Preview plugin <= 1.3.0 - Arbitrary Plugin Installation, Activation and Deactivation vulnerability
Arbitrary Plugin Installation, Activation and Deactivation vulnerability discovered by Mary JJ Jay in WordPress Woo Document Preview plugin versions = 1.3.0. Solution Update the WordPress Woo Document Preview plugin to the latest available version at least 1.4.0...
Command Execution Vulnerability in I Doc View Online Document Preview System
I Doc View Online Document Preview is an online document preview system. A command execution vulnerability exists in I Doc View Online Document Preview that can be exploited by an attacker to execute arbitrary commands...
SuiteCRM Cross-Site Scripting Vulnerability (CNVD-2020-66583)
SuiteCRM is a free open source customer relationship management application. A stored cross-site scripting vulnerability exists in the Document Preview feature of SuiteCRM 7.11.13. A remote authenticated attacker can exploit this vulnerability to inject arbitrary web script or HTML...
SuiteCRM 跨站脚本漏洞
SuiteCRM is a free open source customer relationship management application. A stored cross-site scripting vulnerability exists in the Document Preview feature of SuiteCRM 7.11.13. A remote authenticated attacker can exploit this vulnerability to inject arbitrary web script or HTML...
Mail.ru: XSS ( Работа с письмами )
Заходим в почту. 2. Настройки - Работа с письмами. Получаем GET запросом входящие параметры...