Lucene search
+L

138 matches found

OSV
OSV
added 2025/12/14 11:15 p.m.4 views

CVE-2025-14691

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is...

6.1CVSS4.1AI score0.00399EPSS
Exploits1References6
OSV
OSV
added 2025/12/14 11:15 p.m.8 views

PYSEC-2025-134

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is...

6.1CVSS4.2AI score0.00399EPSS
Exploits1References7
Cvelist
Cvelist
added 2025/12/14 11:2 p.m.28 views

CVE-2025-14691 Mayan EDMS authentication cross site scripting

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is...

5.3CVSS0.00399EPSS
Exploits1References6
CVE
CVE
added 2025/12/14 11:2 p.m.20 views

CVE-2025-14691

Mayan EDMS up to 4.10.1 has a cross-site scripting (XSS) vulnerability in an unknown function of the /authentication/ component. The issue is exploitable remotely and an exploit is publicly available. Upgrading to version 4.10.2 (or higher) fixes the vulnerability; the vendor confirms the fix in ...

6.1CVSS4AI score0.00399EPSS
Exploits1References6Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/14 11:2 p.m.3 views

CVE-2025-14691 Mayan EDMS authentication cross site scripting

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is...

5.3CVSS5.3AI score0.00399EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/12/14 12:0 a.m.6 views

Mayan EDMS 代码注入漏洞

Mayan EDMS is a free web-based document management system from Mayan EDMS, Inc. It is used to manage documents within an organization. A code injection vulnerability exists in Mayan EDMS 4.10.1 and prior versions, which stems from incorrect manipulation of the file /authentication/ and could lead...

6.1CVSS4.7AI score0.00399EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/12/14 12:0 a.m.12 views

PT-2025-51177

Name of the Vulnerable Software and Affected Versions Mayan EDMS versions up to 4.10.1 Description A cross-site scripting issue exists in Mayan EDMS. The issue is located in an unknown function within the /authentication/ component and can be exploited remotely. The exploit is publicly available...

5.3CVSS4.2AI score0.00399EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2025/12/14 12:0 a.m.13 views

PT-2025-51179

A flaw has been found in Mayan EDMS up to 4.10.1. The impacted element is an unknown function of the file /authentication/. This manipulation causes open redirect. It is possible to initiate the attack remotely. The exploit has been published and may be used. Upgrading to version 4.10.2 is...

5.3CVSS6.6AI score0.00408EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-0093

Malware in sbrugna...

6.1CVSS6.1AI score0.01209EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2013-7281

Malware in sbrugna...

10CVSS6.4AI score0.01154EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-6095

Malware in sbrugna...

8.8CVSS8.7AI score0.02445EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-0092

Malware in sbrugna...

6.1CVSS6.1AI score0.01327EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-6096

Malware in sbrugna...

5.4CVSS5.5AI score0.00521EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-0034

Malware in sbrugna...

3.5CVSS6.4AI score0.03476EPSS
Exploits1References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-0091

Malware in sbrugna...

6.1CVSS6.1AI score0.01327EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-0142

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00582EPSS
Exploits2References6
RedhatCVE
RedhatCVE
added 2025/08/07 8:31 p.m.7 views

CVE-2013-10066

An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The application exposes an upload endpoint usersadd.php that allows attackers to upload files to the /userpictures/ directory without authentication. This flaw enables remote code execution by uploading a PHP...

10CVSS7.6AI score0.01154EPSS
Exploits0References1
NVD
NVD
added 2025/08/05 8:15 p.m.6 views

CVE-2013-10066

An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The application exposes an upload endpoint usersadd.php that allows attackers to upload files to the /userpictures/ directory without authentication. This flaw enables remote code execution by uploading a PHP...

10CVSS0.01154EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/08/05 8:2 p.m.4 views

CVE-2013-10066 Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload

An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The application exposes an upload endpoint usersadd.php that allows attackers to upload files to the /userpictures/ directory without authentication. This flaw enables remote code execution by uploading a PHP...

10CVSS7.7AI score0.01154EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/08/05 8:2 p.m.12 views

CVE-2013-10066 Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload

An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The application exposes an upload endpoint usersadd.php that allows attackers to upload files to the /userpictures/ directory without authentication. This flaw enables remote code execution by uploading a PHP...

10CVSS0.01154EPSS
Exploits0References5
Rows per page
Query Builder