Lucene search
K

163 matches found

Prion
Prion
added 2020/01/10 2:15 p.m.16 views

Command injection

The Etherpad Lite epimageconvert Plugin has a Remote Command Injection Vulnerability...

7.5CVSS7.6AI score0.02216EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2020/01/10 2:15 p.m.30 views

CVE-2013-7380

The Etherpad Lite epimageconvert Plugin has a Remote Command Injection Vulnerability Authentication is not required for remote exploitation...

9.8CVSS7.2AI score0.02216EPSS
Exploits0References3
OSV
OSV
added 2020/01/10 2:15 p.m.6 views

UBUNTU-CVE-2013-7380

The Etherpad Lite epimageconvert Plugin has a Remote Command Injection Vulnerability Authentication is not required for remote exploitation...

9.8CVSS7.4AI score0.02216EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/01/10 1:15 p.m.24 views

CVE-2013-7380

The Etherpad Lite epimageconvert Plugin has a Remote Command Injection Vulnerability...

9.8AI score0.02216EPSS
Exploits0References2
CVE
CVE
added 2020/01/10 1:15 p.m.60 views

CVE-2013-7380

The Etherpad Lite ep_imageconvert Plugin for Etherpad Lite is affected by a Remote Command Injection vulnerability. Affected: ep_imageconvert

9.8CVSS9.7AI score0.02216EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2019/10/21 12:0 a.m.2 views

Etherpad-Lite Cross-Site Scripting Vulnerability

Etherpad-Lite is a Web-based open source document editor from the Etherpad Foundation. A cross-site scripting vulnerability exists in the templates/pad.html page in Etherpad-Lite version 1.7.5, which stems from a lack of proper validation of client-side data in the WEB application and can be...

6.1CVSS6.4AI score0.00679EPSS
Exploits0References1
NVD
NVD
added 2019/10/19 1:15 a.m.19 views

CVE-2019-18209

templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser does not encode the path of the URL, as demonstrated by Internet Explorer...

6.1CVSS6AI score0.00679EPSS
Exploits0References1
OSV
OSV
added 2019/10/19 1:15 a.m.12 views

CVE-2019-18209

templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser does not encode the path of the URL, as demonstrated by Internet Explorer...

6.1CVSS6.2AI score
Exploits0References1
Prion
Prion
added 2019/10/19 1:15 a.m.14 views

Default credentials

templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser does not encode the path of the URL, as demonstrated by Internet Explorer...

4.3CVSS6AI score0.00679EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/10/19 12:50 a.m.20 views

CVE-2019-18209

templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser does not encode the path of the URL, as demonstrated by Internet Explorer...

6.1AI score0.00679EPSS
Exploits0References1
CVE
CVE
added 2019/10/19 12:50 a.m.159 views

CVE-2019-18209

CVE-2019-18209 affects Etherpad-Lite 1.7.5, with XSS in templates/pad.html when the browser does not encode the URL path (demonstrated in Internet Explorer). The root cause is lack of proper validation/encoding of client-side data in that page. Public disclosures in multiple feeds confirm the iss...

6.1CVSS5.9AI score0.00679EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2018/05/03 12:0 a.m.2 views

Etherpad Lite Access Control Bypass Vulnerability

Etherpad Lite is the Etherpad Foundation's suite of open source rich text online collaboration software. A security vulnerability exists in the webaccess.js file in Etherpad Lite versions prior to 1.6.4. A remote attacker can exploit this vulnerability by sending a specially crafted request to...

9.8CVSS7AI score0.13132EPSS
Exploits0References1
Prion
Prion
added 2018/04/29 6:29 p.m.15 views

Design/Logic Flaw

Etherpad Lite before 1.6.4 is exploitable for admin access...

7.5CVSS9.5AI score0.13132EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/04/29 6:29 p.m.12 views

CVE-2018-9845

Etherpad Lite before 1.6.4 is exploitable for admin access...

9.8CVSS9.6AI score0.13132EPSS
Exploits0References2
OSV
OSV
added 2018/04/29 6:29 p.m.11 views

CVE-2018-9845

Etherpad Lite before 1.6.4 is exploitable for admin access...

9.8CVSS7.2AI score
Exploits0References2
Cvelist
Cvelist
added 2018/04/29 6:0 p.m.16 views

CVE-2018-9845

Etherpad Lite before 1.6.4 is exploitable for admin access...

9.6AI score0.13132EPSS
Exploits0References2
CVE
CVE
added 2018/04/29 6:0 p.m.54 views

CVE-2018-9845

Etherpad Lite before version 1.6.4 is vulnerable to an admin authentication bypass that allows an attacker to gain admin access. The issue is documented across multiple sources (NVD, Nuclei template, SUSE, CNVD, OSV, etc.) with the root cause described as an admin-privilege bypass affecting Ether...

9.8CVSS9.5AI score0.13132EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/04/08 12:0 a.m.5 views

Etherpad Arbitrary Code Execution Vulnerability

Etherpad is a Web-based online document collaboration tool. Multiple users can write a text document simultaneously via Etherpad and see real-time edits from all participants. An arbitrary code execution vulnerability exists in Etherpad 1.5.x and 1.6.x before 1.6.4. An attacker can exploit this...

8.1CVSS8.3AI score0.0158EPSS
Exploits0References1
CNVD
CNVD
added 2018/04/08 12:0 a.m.5 views

Etherpad Arbitrary Code Execution Vulnerability (CNVD-2018-08480)

Etherpad is a Web-based online document collaboration tool. Multiple users can write a text document simultaneously via Etherpad and see real-time edits from all participants. An arbitrary code execution vulnerability exists in Etherpad 1.6.3. An attacker can exploit this vulnerability to execute...

9.8CVSS8.3AI score0.01988EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2018/04/07 9:29 p.m.26 views

CVE-2018-9325

Etherpad 1.5.x and 1.6.x before 1.6.4 allows an attacker to export all the existing pads of an instance without knowledge of pad names...

7.5CVSS7.1AI score0.01186EPSS
Exploits0References2
Rows per page
Query Builder