41 matches found
CVE-2026-29909
MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The /admin/file/list.do endpoint lacks authentication controls and proper input validation, allowing remote attackers to enumerate directory contents on the server without any credentials...
PT-2026-29058
MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The /admin/file/list.do endpoint lacks authentication controls and proper input validation, allowing remote attackers to enumerate directory contents on the server without any credentials...
CVE-2026-29909
MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The /admin/file/list.do endpoint lacks authentication controls and proper input validation, allowing remote attackers to enumerate directory contents on the server without any credentials...
CVE-2026-29909
MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The /admin/file/list.do endpoint lacks authentication controls and proper input validation, allowing remote attackers to enumerate directory contents on the server without any credentials...
EUVD-2025-206518
FluentCMS 2026 contains a stored cross-site scripting vulnerability that allows authenticated administrators to upload SVG files with embedded JavaScript via the File Management module. Attackers can upload malicious SVG files that execute JavaScript in the browser of any user accessing the...
PT-2026-5331
FluentCMS 2026 contains a stored cross-site scripting vulnerability that allows authenticated administrators to upload SVG files with embedded JavaScript via the File Management module. Attackers can upload malicious SVG files that execute JavaScript in the browser of any user accessing the...
FluentCMS cross-site scripting vulnerabilities
FluentCMS is an open-source content management system developed by FluentCMS. Version 2026 of FluentCMS has a cross-site scripting vulnerability. This vulnerability arises because authenticated administrators can upload SVG files embedded with JavaScript through the file management module,...
Huawei HarmonyOS file management module privilege control vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS file management module, which can be exploited by an attacker to compromise service...
CVE-2025-64312
Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-58304
Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-64312
Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-58304
Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-64315
Configuration defect vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect app data confidentiality and integrity...
CVE-2025-64315
Configuration defect vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect app data confidentiality and integrity...
CVE-2025-64312
Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-64312
CVE-2025-64312 describes a permission/privilege control vulnerability in the Huawei HarmonyOS file management module. The impact is stated as potential confidentiality loss. Public data include CVSS v3.1 scores (base 7.5 HIGH, vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) and a Huawei bulletin refe...
EUVD-2025-199855
Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-64312
Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-58304
Technical details for CVE-2025-58304 are not publicly available in the provided documents. See listed references for potential disclosure updates; monitor for new firmware versions or advisories from Huawei.
CVE-2025-64315
CVE-2025-64315 concerns a configuration defect in Huawei HarmonyOS, specifically in the file management module. The available sources describe a configuration flaw that can affect the confidentiality and integrity of application data if exploited. The documents do not provide concrete technical d...