Lucene search
+L

9 matches found

Nuclei
Nuclei
added yesterday9 views

MISP < 2.5.37 - SQL Injection

MISP before 2.5.37 is vulnerable to SQL injection via the order parameter in EventsController. The POST body order value is passed directly into ORDER BY clauses without validation. id: CVE-2026-44381 info: name: MISP 2.5.37 - SQL Injection author: malcha severity: medium description: | MISP befo...

9.3CVSS5.6AI score0.0054EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/01 2:16 p.m.6 views

CVE-2025-66384

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmpname...

8.2CVSS6.9AI score0.00322EPSS
Exploits0References1
NVD
NVD
added 2025/11/28 7:15 a.m.8 views

CVE-2025-66384

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmpname...

8.2CVSS0.00322EPSS
Exploits0References2
OSV
OSV
added 2025/11/28 12:0 a.m.4 views

CVE-2025-66384

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmpname...

8.2CVSS6.8AI score0.00322EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/28 12:0 a.m.11 views

PT-2025-48316

Name of the Vulnerable Software and Affected Versions MISP versions prior to 2.5.24 Description The software contains flawed logic when validating uploaded files, specifically concerning the tmp name parameter. This issue resides in the app/Controller/EventsController.php file. Recommendations...

8.2CVSS6.6AI score0.00322EPSS
Exploits0References8
EUVD
EUVD
added 2025/11/28 12:0 a.m.6 views

EUVD-2025-199869

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmpname...

8.2CVSS6.4AI score0.00322EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/28 12:0 a.m.2 views

CVE-2025-66384

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmpname...

8.2CVSS6.5AI score0.00322EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.4 views

MISP 安全漏洞

MISP is an open source software solution. The product is used to collect, store, distribute, and share cybersecurity metrics with features such as threat cybersecurity event analysis and malware analysis. A security vulnerability exists in MISP versions prior to 2.4.187 that stems from...

9.8CVSS6.7AI score0.00816EPSS
Exploits0References2
CNVD
CNVD
added 2020/07/01 12:0 a.m.5 views

Unspecified vulnerability in MISP (CNVD-2020-51415)

MISP is an open source software solution. The product is used to collect, store, distribute and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A security vulnerability exists in MISP version 2.4.128, which stems from insufficient ACL...

4.3CVSS6.9AI score0.00679EPSS
Exploits0References1
Rows per page
Query Builder