132 matches found
CVE-2026-5615
A weakness has been identified in givanz Vvvebjs up to 2.0.5. The affected element is an unknown function of the file upload.php of the component File Upload Endpoint. This manipulation of the argument uploadAllowExtensions causes cross site scripting. Remote exploitation of the attack is possibl...
EUVD-2026-19160
A weakness has been identified in givanz Vvvebjs up to 2.0.5. The affected element is an unknown function of the file upload.php of the component File Upload Endpoint. This manipulation of the argument uploadAllowExtensions causes cross site scripting. Remote exploitation of the attack is possibl...
CVE-2026-5615
A weakness has been identified in givanz Vvvebjs up to 2.0.5. The affected element is an unknown function of the file upload.php of the component File Upload Endpoint. This manipulation of the argument uploadAllowExtensions causes cross site scripting. Remote exploitation of the attack is possibl...
CVE-2026-5615
A weakness has been identified in givanz Vvvebjs up to 2.0.5. The affected element is an unknown function of the file upload.php of the component File Upload Endpoint. This manipulation of the argument uploadAllowExtensions causes cross site scripting. Remote exploitation of the attack is possibl...
CVE-2026-5615 givanz Vvvebjs File Upload Endpoint upload.php cross site scripting
A weakness has been identified in givanz Vvvebjs up to 2.0.5. The affected element is an unknown function of the file upload.php of the component File Upload Endpoint. This manipulation of the argument uploadAllowExtensions causes cross site scripting. Remote exploitation of the attack is possibl...
CVE-2026-5615
The CVE-2026-5615 issue affects givanz Vvvebjs up to 2.0.5, specifically the File Upload Endpoint’s file upload.php. An manipulation of the uploadAllowExtensions argument enables cross-site scripting, with remote exploitation possible and a public exploit available. A patch is provided as 8cac22c...
CVE-2026-5615 givanz Vvvebjs File Upload Endpoint upload.php cross site scripting
A weakness has been identified in givanz Vvvebjs up to 2.0.5. The affected element is an unknown function of the file upload.php of the component File Upload Endpoint. This manipulation of the argument uploadAllowExtensions causes cross site scripting. Remote exploitation of the attack is possibl...
PT-2026-30559
A weakness has been identified in givanz Vvvebjs up to 2.0.5. The affected element is an unknown function of the file upload.php of the component File Upload Endpoint. This manipulation of the argument uploadAllowExtensions causes cross site scripting. Remote exploitation of the attack is possibl...
CVE-2024-25183
givanz VvvebJs 1.7.2 is vulnerable to Directory Traversal via scan.php...
CVE-2024-27480
givanz VvvebJs 1.7.2 is vulnerable to Insecure File Upload...
CVE-2024-25181
A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery SSRF and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "filegetcontents" function within the "save.php" file...
CVE-2024-25182
givanz VvvebJs 1.7.2 suffers from a File Upload vulnerability via save.php...
CVE-2024-25183
givanz VvvebJs 1.7.2 is vulnerable to Directory Traversal via scan.php...
CVE-2024-27480
givanz VvvebJs 1.7.2 is vulnerable to Insecure File Upload...
CVE-2024-25183
givanz VvvebJs 1.7.2 is vulnerable to Directory Traversal via scan.php...
CVE-2024-27480
givanz VvvebJs 1.7.2 is vulnerable to Insecure File Upload...
CVE-2024-25182
givanz VvvebJs 1.7.2 suffers from a File Upload vulnerability via save.php...
CVE-2024-25182
givanz VvvebJs 1.7.2 suffers from a File Upload vulnerability via save.php...
CVE-2024-25181
A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery SSRF and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "filegetcontents" function within the "save.php" file...
CVE-2024-25181
A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery SSRF and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "filegetcontents" function within the "save.php" file...