CVE-2026-35165 LORIS has incorrect access checks in document_repository

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. From 21.0.0 to before 27.0.3 and 28.0.1, while the documentrepository frontend was restricting file access, the backend endpoint was not...

CVE-2026-35165 LORIS has incorrect access checks in document_repository

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. From 21.0.0 to before 27.0.3 and 28.0.1, while the documentrepository frontend was restricting file access, the backend endpoint was not...

EUVD-2012-1737

Malware in sbrugna...

SQL injection vulnerability in eDoc frontend ge***.aspx page of electronic document repository (CNVD-2019-01496)

Electronic document library eDoc is a click document management system developed by Anhui Qixing Studio. Electronic document library eDoc front ge.aspx page SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive information database...

CVE-2012-1727

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Document Repository...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Document Repository...

CVE-2012-1727

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Document Repository...

CVE-2012-1727

The CVE-2012-1727 entry concerns Oracle E-Business Suite’s Oracle Application Object Library across versions 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3, with an unspecified vulnerability that allows remote authenticated users to affect integrity via unknown vectors related to the Docum...

Cross Site Scripting (XSS) in Owl <=0.95, CVE-2008-3100

Cross Site Scripting XSS in Owl =0.95, CVE-2008-3100 References: https://vulners.com/cve/CVE-2008-3100 http://owl.sourceforge.net/ http://www.datensalat.eu/fabian/cve/CVE-2008-3100-Owl.html Description: Owl is a multi user document repository knowledgebase system for publishing files/documents on...

Various Vulnerabilities in OWL Intranet Engine

---------------------------------------------------------------------------- Various Vulnerabilities in OWL Intranet Engine ---------------------------------------------------------------------------- Author: Jose Antonio Coret Joxean Koret Date: 2004 Location: Basque Country...