15 matches found
EUVD-2022-6644
Malicious code in bioql PyPI...
EUVD-2023-0563
Malicious code in bioql PyPI...
Gravitee API Management contains Path Traversal
This CVE addresses the partial fix for CVE-2019-25075 Gravitee API Management before 3.15.13 allows path traversal through HTML injection. A certain HTML injection combined with path traversal in the Email service in Gravitee API Management before 3.15.13 allows anonymous users to read arbitrary...
GHSA-VP62-M958-QJ8C Gravitee API Management contains Path Traversal
This CVE addresses the partial fix for CVE-2019-25075 Gravitee API Management before 3.15.13 allows path traversal through HTML injection. A certain HTML injection combined with path traversal in the Email service in Gravitee API Management before 3.15.13 allows anonymous users to read arbitrary...
CVE-2022-38723
Gravitee API Management before 3.15.13 allows path traversal through HTML injection...
CVE-2022-38723
Gravitee API Management before 3.15.13 allows path traversal through HTML injection...
CVE-2022-38723
Gravitee API Management before 3.15.13 allows path traversal through HTML injection...
Gravitee API Management 路径遍历漏洞
Gravitee API Management is an open source Gravitee API management tool. A path traversal vulnerability exists in Gravitee API Management versions prior to 3.15.13, which stems from a vulnerability that allows an attacker to implement path traversal via HTML injection...
PT-2023-13640 · Unknown · Gravitee Api Management
Name of the Vulnerable Software and Affected Versions: Gravitee API Management versions prior to 3.15.13 Description: The issue allows path traversal through HTML injection, potentially enabling anonymous users to read arbitrary files. This is achieved by combining HTML injection with path...
CVE-2019-25075
HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request...
CVE-2019-25075
HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request...
Path traversal
HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request...
CVE-2019-25075
Gravitee API Management contains a path traversal + HTML injection vulnerability (CVE-2019-25075). Before version 1.25.3, anonymous users could read arbitrary files via /management/users/register due to the HTML injection path traversal flaw in the Email service. CVSS:3.1 base 6.1 (NETWORK, LOW a...
CVE-2019-25075
HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request...
Gravitee API Management 跨站脚本漏洞
Gravitee API Management is the open source Gravitee API management tool. A security vulnerability exists in Gravitee API Management prior to version 1.25.3, which stems from a combination of HTML injection and path traversal in the email service, allowing an anonymous user to read arbitrary files...