Lucene search
K

229 matches found

CNVD
CNVD
added 2023/12/27 12:0 a.m.11 views

Command Execution Vulnerability in Electronic Document Security Management System of Beijing Yisetong Technology Development Co., Ltd (CNVD-2024-06018)

Beijing Yisaitong Science and Technology Development Limited Liability Company is a company whose business scope includes general items: technical services, technology development, technology consulting, technology exchanges, technology transfer and so on. There is a command execution vulnerabili...

7.6AI score
Exploits0
CNVD
CNVD
added 2023/12/26 12:0 a.m.5 views

Arbitrary File Download Vulnerability in Electronic Document Security Management System of Beijing Yisetong Technology Development Co., Ltd (CNVD-2024-05347)

Electronic document security management system is a controllable authorization of electronic document security sharing management system, using real-time dynamic encryption and decryption protection technology and real-time rights recovery mechanism, to provide all kinds of electronic documents...

7.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2023/12/22 12:5 p.m.15 views

Data Exfiltration Using Indirect Prompt Injection

Interesting attack on a LLM: In Writer, users can enter a ChatGPT-like session to edit or create their documents. In this chat session, the LLM can retrieve information from sources on the web to assist users in creation of their documents. We show that attackers can prepare websites that, when a...

7AI score
Exploits0
CNVD
CNVD
added 2023/12/12 12:0 a.m.12 views

SQL Injection Vulnerability in Isthmus Electronic Document Security Management System (CNVD-2024-03265)

Beijing Yisaitong Technology Development Co., Ltd. is an enterprise mainly engaged in science and technology promotion and application service industry. A SQL injection vulnerability exists in the Yisetong electronic document security management system, which can be exploited by attackers to obta...

7.6AI score
Exploits0
CNVD
CNVD
added 2023/12/12 12:0 a.m.21 views

Command Execution Vulnerability in Isthmus Electronic Document Security Management System (CNVD-2024-03256)

Beijing Yisaitong Science and Technology Development Co., Ltd. is an enterprise mainly engaged in science and technology promotion and application service industry. A command execution vulnerability exists in the Yisetong Electronic Document Security Management System, which can be exploited by a...

7.5AI score
Exploits0
CNVD
CNVD
added 2023/12/10 12:0 a.m.1 views

Command Execution Vulnerability in Isthmus Electronic Document Security Management System (CNVD-2024-03028)

Beijing Yisaitong Technology Development Co., Ltd. is an enterprise mainly engaged in science and technology promotion and application service industry. A command execution vulnerability exists in the Yisetong Electronic Document Security Management System, which can be exploited by an attacker t...

7.5AI score
Exploits0
CNVD
CNVD
added 2023/12/04 12:0 a.m.18 views

SQL Injection Vulnerability in Electronic Document Security Management System of Beijing Yisaitong Technology Development Co., Ltd (CNVD-2024-00987)

Electronic document security management system is a controllable authorization of electronic document security sharing management system, using real-time dynamic encryption and decryption protection technology and real-time rights recovery mechanism, to provide all kinds of electronic documents...

7.5AI score
Exploits0
CVE
CVE
added 2023/11/20 5:58 p.m.87 views

CVE-2023-48241

XWiki Platform contains an information-disclosure flaw in the Solr-based search suggestion service. From CVE-2023-48241 and connected data, the vulnerability affects XWiki Platform versions starting at 6.3-milestone-2 up to but not including fixed releases: 14.10.15, 15.5.1, and 15.6RC1. The Solr...

7.5CVSS7.4AI score0.7282EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2023/11/18 12:0 a.m.15 views

Logic Flaw Vulnerability in Isthmus Electronic Document Security Management System

Yisetong Electronic Document Security Management System CDG for short is an electronic document security encryption software, which utilizes the driver layer transparent encryption technology to prevent internal employees from leaking secrets and outsiders from illegally stealing the core importa...

6.9AI score
Exploits0
CNVD
CNVD
added 2023/11/17 12:0 a.m.10 views

Command Execution Vulnerability in Electronic Document Security Management System of Beijing Yisaitong Technology Development Co., Ltd (CNVD-2023-99981)

Ltd. is a leading provider of Data Leakage Protection DLP products, solutions and security services in China. A command execution vulnerability exists in the electronic document security management system of Beijing Yisetong Technology Development Co., Ltd. that can be exploited by an attacker to...

7.6AI score
Exploits0
OSV
OSV
added 2023/10/26 5:15 p.m.4 views

CVE-2023-46666

An issue was discovered when using Document Level Security and the SPO "Limited Access" functionality in Elastic Sharepoint Online Python Connector. If a user is assigned limited access permissions to an item on a Sharepoint site then that user would have read permissions to all content on the...

6.5CVSS5.6AI score0.00365EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/10/25 5:17 p.m.57 views

CVE-2023-37910 org.xwiki.platform:xwiki-platform-attachment-api vulnerable to Missing Authorization on Attachment Move

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting with the introduction of attachment move support in version 14.0-rc-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, an attacker with edit access on any document can be the use...

8.1CVSS8.2AI score0.00573EPSS
Exploits1References3
CNVD
CNVD
added 2023/10/23 12:0 a.m.4 views

Logic flaw vulnerability in the electronic document security management system of Beijing Yisaitong Technology Development Co., Ltd (CNVD-2023-96198)

Beijing Yisetong Technology Development Co., Ltd. is a domestic data security, network security and security services provider of three major business. The electronic document security management system of Beijing Yisetong Technology Development Co., Ltd. has a logic flaw vulnerability, which can...

6.6AI score
Exploits0
CNVD
CNVD
added 2023/10/17 12:0 a.m.9 views

Information leakage vulnerability in the electronic document security management system of Beijing Yisaitong Technology Development Co., Ltd (CNVD-2023-86622)

Beijing Yisetong Technology Development Co., Ltd. is a leading data security business provider in China. An information leakage vulnerability exists in the electronic document security management system of Beijing Yisetong Technology Development Co., Ltd, which can be exploited by attackers to...

6.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.25 views

Amazon Linux 2 : libreoffice (ALASLIBREOFFICE-2023-002)

The version of libreoffice installed on the remote host is prior to 5.3.6.1-21. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2LIBREOFFICE-2023-002 advisory. LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on vario...

9.8CVSS8.1AI score0.78347EPSS
Exploits6References16
Vulnrichment
Vulnrichment
added 2023/07/18 8:18 p.m.10 views

CVE-2023-22062

...

8.5CVSS6.9AI score0.00512EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/06/26 12:0 a.m.7 views

The vulnerability of the OpenSearch software package, related to incorrect authorization, allows a perpetrator to introduce incorrect access authorization.

The vulnerability of the OpenSearch software package is related to the implementation of detailed access control rules document level security, field level security, and field masking. These rules were incorrectly applied to queries under rare execution conditions. Exploiting this vulnerability c...

5.9CVSS6.3AI score0.0046EPSS
Exploits0References4Affected Software3
CVE
CVE
added 2023/06/08 12:0 a.m.167 views

CVE-2023-34958

CVE-2023-34958 concerns Chamilo LMS versions 1.11.* up to 1.11.18. The vulnerability is described as an inadequate access control that allows a student enrolled in a course to download documents belonging to another student if they know the document’s ID. This is an information disclosure issue r...

4.3CVSS4.9AI score0.00411EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2023/05/23 12:0 a.m.58 views

Remote Code Execution Vulnerability in Electronic Document Security Management System of Beijing Yisaitong Technology Development Co.

Electronic document security management system referred to as: CDG is an electronic document security protection software, the system utilizes the driver layer transparent encryption technology, through the encryption and protection of electronic documents, to prevent the internal staff leakage a...

8AI score
Exploits0
Huntr
Huntr
added 2023/04/19 4:48 p.m.38 views

XSS in Seo & Settings tab of Documents in pimcore/pimcore

Description pimcore is vulnerable to XSS at Title field in SEO & Settings tab of Document. Proof of Concept 1.Go to https://demo.pimcore.fun/admin/ and login. 2.In Documents, go to home - click on SEO & Settings icon to go to this tab. 3.In the SEO & Setting tab, input the payload " into the Titl...

4.9CVSS6.3AI score0.00479EPSS
Exploits1
Rows per page
Query Builder