18 matches found
EUVD-2023-0563
Malicious code in bioql PyPI...
EUVD-2022-6644
Malicious code in bioql PyPI...
GHSA-VP62-M958-QJ8C Gravitee API Management contains Path Traversal
This CVE addresses the partial fix for CVE-2019-25075 Gravitee API Management before 3.15.13 allows path traversal through HTML injection. A certain HTML injection combined with path traversal in the Email service in Gravitee API Management before 3.15.13 allows anonymous users to read arbitrary...
Gravitee API Management contains Path Traversal
This CVE addresses the partial fix for CVE-2019-25075 Gravitee API Management before 3.15.13 allows path traversal through HTML injection. A certain HTML injection combined with path traversal in the Email service in Gravitee API Management before 3.15.13 allows anonymous users to read arbitrary...
CVE-2022-38723
Gravitee API Management before 3.15.13 allows path traversal through HTML injection...
CVE-2022-38723
Gravitee API Management before 3.15.13 allows path traversal through HTML injection...
Path traversal
Gravitee API Management before 3.15.13 allows path traversal through HTML injection...
CVE-2022-38723
Gravitee API Management before 3.15.13 allows path traversal through HTML injection...
PT-2023-13640 · Unknown · Gravitee Api Management
Name of the Vulnerable Software and Affected Versions: Gravitee API Management versions prior to 3.15.13 Description: The issue allows path traversal through HTML injection, potentially enabling anonymous users to read arbitrary files. This is achieved by combining HTML injection with path...
CVE-2022-38723
CVE-2022-38723 affects Gravitee API Management prior to version 3.15.13, where an HTML-injection flaw enables path traversal. Multiple connected sources confirm the vulnerability exists in Gravitee API Management before 3.15.13 and describe the underlying issue as HTML injection that allows path ...
Gravitee API Management 路径遍历漏洞
Gravitee API Management is an open source Gravitee API management tool. A path traversal vulnerability exists in Gravitee API Management versions prior to 3.15.13, which stems from a vulnerability that allows an attacker to implement path traversal via HTML injection...
CVE-2022-38723
Gravitee API Management before 3.15.13 allows path traversal through HTML injection...
CVE-2019-25075
HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request...
CVE-2019-25075
HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request...
Path traversal
HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request...
CVE-2019-25075
HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request...
CVE-2019-25075
Gravitee API Management contains a path traversal + HTML injection vulnerability (CVE-2019-25075). Before version 1.25.3, anonymous users could read arbitrary files via /management/users/register due to the HTML injection path traversal flaw in the Email service. CVSS:3.1 base 6.1 (NETWORK, LOW a...
Gravitee API Management 跨站脚本漏洞
Gravitee API Management is the open source Gravitee API management tool. A security vulnerability exists in Gravitee API Management prior to version 1.25.3, which stems from a combination of HTML injection and path traversal in the email service, allowing an anonymous user to read arbitrary files...