Lucene search
K

4 matches found

EUVD
EUVD
added 2026/04/26 2:30 a.m.8 views

EUVD-2026-25690

A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component downcount Plugin. This manipulation of the argument ffile/fprefix causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading...

4.8CVSS3.1AI score0.00269EPSS
Exploits0References7
OSV
OSV
added 2022/11/15 8:15 p.m.4 views

CVE-2022-45381

Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does not restrict the set of enabled prefix interpolators and bundles versions of Apache Commons Configuration library that enable the 'file:' prefix interpolator by default, allowing attackers able to configure Pipelines to read arbitrary...

8.1CVSS5.9AI score0.01328EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/15 12:0 a.m.4 views

PT-2022-27483 · Jenkins +1 · Jenkins Pipeline Utility Steps Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline Utility Steps Plugin versions 2.13.1 and earlier Description: The issue allows attackers who can configure Pipelines to read arbitrary files from the Jenkins controller file system. This is due to the lack of restriction on t...

8.1CVSS7.8AI score0.01328EPSS
Exploits0References8
securityvulns
securityvulns
added 2007/01/28 12:0 a.m.55 views

PHP Safe Mod protection bypass

It's possible to traverse working directory protection by using writing mode srpath://../ file prefix for fopen...

10CVSS3.1AI score0.07112EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder