138 matches found
CVE-2025-14691
A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is...
PYSEC-2025-134
A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is...
CVE-2025-14691 Mayan EDMS authentication cross site scripting
A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is...
CVE-2025-14691
Mayan EDMS up to 4.10.1 has a cross-site scripting (XSS) vulnerability in an unknown function of the /authentication/ component. The issue is exploitable remotely and an exploit is publicly available. Upgrading to version 4.10.2 (or higher) fixes the vulnerability; the vendor confirms the fix in ...
CVE-2025-14691 Mayan EDMS authentication cross site scripting
A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is...
Mayan EDMS 代码注入漏洞
Mayan EDMS is a free web-based document management system from Mayan EDMS, Inc. It is used to manage documents within an organization. A code injection vulnerability exists in Mayan EDMS 4.10.1 and prior versions, which stems from incorrect manipulation of the file /authentication/ and could lead...
PT-2025-51177
Name of the Vulnerable Software and Affected Versions Mayan EDMS versions up to 4.10.1 Description A cross-site scripting issue exists in Mayan EDMS. The issue is located in an unknown function within the /authentication/ component and can be exploited remotely. The exploit is publicly available...
PT-2025-51179
A flaw has been found in Mayan EDMS up to 4.10.1. The impacted element is an unknown function of the file /authentication/. This manipulation causes open redirect. It is possible to initiate the attack remotely. The exploit has been published and may be used. Upgrading to version 4.10.2 is...
EUVD-2018-0093
Malware in sbrugna...
EUVD-2013-7281
Malware in sbrugna...
EUVD-2020-6095
Malware in sbrugna...
EUVD-2018-0092
Malware in sbrugna...
EUVD-2020-6096
Malware in sbrugna...
EUVD-2014-0034
Malware in sbrugna...
EUVD-2018-0091
Malware in sbrugna...
EUVD-2023-0142
Malicious code in bioql PyPI...
CVE-2013-10066
An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The application exposes an upload endpoint usersadd.php that allows attackers to upload files to the /userpictures/ directory without authentication. This flaw enables remote code execution by uploading a PHP...
CVE-2013-10066
An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The application exposes an upload endpoint usersadd.php that allows attackers to upload files to the /userpictures/ directory without authentication. This flaw enables remote code execution by uploading a PHP...
CVE-2013-10066 Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload
An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The application exposes an upload endpoint usersadd.php that allows attackers to upload files to the /userpictures/ directory without authentication. This flaw enables remote code execution by uploading a PHP...
CVE-2013-10066 Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload
An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The application exposes an upload endpoint usersadd.php that allows attackers to upload files to the /userpictures/ directory without authentication. This flaw enables remote code execution by uploading a PHP...