Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:11 p.m.10 views

CVE-2018-18890

MiniCMS 1.10 allows full path disclosure via /mc-admin/post.php?state=delete= with an invalid filename...

5.3CVSS6.9AI score0.01495EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-1688

Malware in sbrugna...

7.5CVSS6.1AI score0.0245EPSS
Exploits1References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2012-3380

Malware in sbrugna...

4.6CVSS8.9AI score0.00413EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-8817

Malware in sbrugna...

7.5CVSS6.1AI score0.05236EPSS
Exploits1References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-0569

Malware in sbrugna...

8.3CVSS8.1AI score0.03507EPSS
Exploits0References16
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2004-2247

Malware in sbrugna...

6.4CVSS6.4AI score0.01983EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-4483

Malware in sbrugna...

6.1CVSS6.1AI score0.03605EPSS
Exploits7References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-35878

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00589EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2022-30474

Malicious code in bioql PyPI...

7.8CVSS7.5AI score0.00461EPSS
Exploits0References2
CVE
CVE
added 2025/06/26 12:22 p.m.38 views

CVE-2025-5966

CVE-2025-5966 affects Zohocorp ManageEngine Exchange Reporter Plus versions 5722 and earlier. The vulnerability is a Stored XSS in the Attachments by filename keyword report, enabling script execution when a crafted filename is processed by the report feature. The issue is confirmed across multip...

8.1CVSS6.4AI score0.01103EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/05/22 6:15 p.m.14 views

CVE-2025-48369

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.119 and 25.0.20, a persistent Cross-Site Scripting XSS vulnerability exists in Groupoffice's tasks comment functionality, allowing attackers to execute arbitrary JavaScript by uploading an fil...

6.3CVSS0.00214EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/22 5:33 p.m.8 views

CVE-2025-48369 GroupOffice vulnerable to Stored XSS in Tasks Comment Section

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.119 and 25.0.20, a persistent Cross-Site Scripting XSS vulnerability exists in Groupoffice's tasks comment functionality, allowing attackers to execute arbitrary JavaScript by uploading an fil...

6.3CVSS5.2AI score0.00214EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:2 a.m.9 views

CVE-2019-17320

NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused by improper boundary checks when copying file name from an attacker controlled FTP server. That leads attacker to execute arbitrary code by sending a crafted filename...

9.8CVSS8.3AI score0.02178EPSS
Exploits0References1
NVD
NVD
added 2025/03/20 10:15 a.m.6 views

CVE-2024-12074

A Denial of Service DoS vulnerability was discovered in the file upload feature of automatic1111/stable-diffusion-webui version 1.10.0. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large...

6.5CVSS0.00747EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/05/24 9:47 p.m.11 views

CVE-2024-36079

An issue was discovered in Vaultize 21.07.27. When uploading files, there is no check that the filename parameter is correct. As a result, a temporary file will be created outside the specified directory when the file is downloaded. To exploit this, an authenticated user would upload a file with ...

6.8AI score0.00589EPSS
Exploits0References1
Rows per page
Query Builder