CVE-2020-12644

OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API...

EUVD-2020-4944

Malware in sbrugna...

EUVD-2024-43397

Malicious code in bioql PyPI...

SUSE CVE-2025-27088

oxyno-zeta/s3-proxy is an aws s3 proxy written in go. In affected versions a Reflected Cross-site Scripting XSS vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. This can lead to session hijacking or phishing attacks on a trusted...

CVE-2024-49335

Cross-Site Request Forgery CSRF vulnerability in sh4d0w28 GoogleDrive folder list googledrive-folder-list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through = 2.2.2...

CVE-2024-49335

Cross-Site Request Forgery CSRF vulnerability in Edush Maxim GoogleDrive folder list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through 2.2.2...

WordPress plugin GoogleDrive folder list 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin GoogleDrive folder list...

WordPress GoogleDrive folder list plugin <= 2.2.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

CSRF to Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin GoogleDrive folder list versions = 2.2.2...

WordPress GoogleDrive folder list Plugin <= 2.2.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software GoogleDrive folder list Type Plugin Vulnerable versions = 2.2.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-49335 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 4b047cc300da Credits SOPROBRO...

Improper access control

Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information via the 'TemplatePath' parameter in the component 'jfinalcms/admin/folder/list'...

CVE-2020-19146

Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information via the 'TemplatePath' parameter in the component 'jfinalcms/admin/folder/list'...

Jfinal CMS 路径遍历漏洞

Jfinal CMS is a powerful information consulting website developed in java, using the simple and powerful JFinal as a web framework, template engine with beetl, database with mysql, front-end bootstrap framework. jfinal CMS 4.7.1 and earlier versions have improper access control vulnerabilities. A...

CVE-2020-12644

OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API...

CVE-2020-12644

OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API...

Server side request forgery (ssrf)

OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API...

CVE-2020-12644

OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API...

CVE-2020-12644

CVE-2020-12644 affects OX App Suite 7.10.3 and earlier. The issue is a server-side request forgery (SSRF) related to the mail account API and the /folder/list endpoint, enabling network-access from the vulnerable system. CVSS data indicates a Network attack vector with Low complexity and Privileg...