Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

23 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2021-0766

Malware in sbrugna...

6.1CVSS6.1AI score0.00305EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-5404

Malware in sbrugna...

7.5CVSS7.5AI score0.00497EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2025/05/22 5:34 p.m.4 views

CVE-2020-9447

There is an XSS cross-site scripting vulnerability in GwtUpload 1.0.3 in the file upload functionality. Someone can upload a file with a malicious filename, which contains JavaScript code, which would result in XSS. Cross-site scripting enables attackers to steal data, change the appearance of a...

6.1CVSS5.8AI score0.00305EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 4:15 p.m.5 views

CVE-2020-13128

An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java the servlet for handling file upload accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service...

7.5CVSS6.7AI score0.00497EPSS
Exploits1
Veracode
Veracodeadded 2021/04/23 3:41 a.m.21 views

Cross-site Scripting (XSS)

gwtupload is vulnerable to cross-site scripting. An attacker is able to inject and execute malicious script in a user's browser via the name parameter of file upload functionality...

6.1CVSS3.3AI score0.00305EPSS
Exploits1References2Affected Software2
vulnersOsv
vulnersOsvadded 2021/04/22 4:15 p.m.3 views

org.iplass:iplass-admin (>=3.0.1 <=3.2.16) potentially affected by CVE-2020-9447 via com.googlecode.gwtupload:gwtupload (=1.0.3)

com.googlecode.gwtupload:gwtupload MAVEN version =1.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on com.googlecode.gwtupload:gwtupload and may be impacted: - org.iplass:iplass-admin =3.0.1, =3.2.16 Source cves: CVE-2020-9447 Source advisory:...

6.1CVSS6.3AI score0.00305EPSS
Exploits1
Github Security Blog
Github Security Blogadded 2021/04/22 4:15 p.m.53 views

Cross-site Scripting in GwtUpload

The file-upload feature in GwtUpload 1.0.3 allows XSS via a crafted filename...

6.1CVSS5.6AI score0.00305EPSS
Exploits1References4Affected Software1
OSV
OSVadded 2021/04/22 4:15 p.m.0 views

GHSA-5CHJ-XPRR-7QQX Cross-site Scripting in GwtUpload

The file-upload feature in GwtUpload 1.0.3 allows XSS via a crafted filename...

6.1CVSS5.9AI score0.00305EPSS
Exploits1References4
Huntr
Huntradded 2020/06/01 12:0 a.m.23 views

Denial of Service in manolo/gwtupload

Overview com.googlecode.gwtupload:gwtupload is a library for uploading files to web servers, showing a progress bar with real information about the process file size, bytes transferred, etc. Affected versions of this package are vulnerable to Denial of Service DoS. server/UploadServlet.java the...

5CVSS1.9AI score0.00497EPSS
Exploits1References2
Veracode
Veracodeadded 2020/05/20 1:46 a.m.13 views

Denial Of Service (DoS)

gwtupload is vulnerable to denial of service. The upload servlet accepts a delay parameter which would cause the server's threads to sleep, eventually causing the application to be non-responsive...

7.5CVSS2.2AI score0.00497EPSS
Exploits1References2Affected Software1
Prion
Prionadded 2020/05/18 12:15 a.m.11 views

Design/Logic Flaw

An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java the servlet for handling file upload accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service...

5CVSS7.3AI score0.00497EPSS
Exploits1References2Affected Software1
CNVD
CNVDadded 2020/05/18 12:0 a.m.5 views

Manolo GWTUpload Code Issue Vulnerability

Manolo GWTUpload is a library based on HTML and JavaScript , it is mainly used to upload files to a Web server . A security vulnerability exists in server/UploadServlet.java the servlet that handles file uploads in Manolo GWTUpload version 1.0.3. An attacker can exploit this vulnerability with th...

7.5CVSS6.5AI score0.00497EPSS
Exploits1References1
CVE
CVEadded 2020/05/17 11:4 p.m.45 views

CVE-2020-13128

An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java (the servlet for handling file upload) accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service.

7.5CVSS7.3AI score0.00497EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2020/05/17 11:4 p.m.9 views

CVE-2020-13128

An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java the servlet for handling file upload accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service...

7.4AI score0.00497EPSS
Exploits1References2
Core Security
Core Securityadded 2020/03/04 12:0 a.m.31 views

: GWTUpload XSS in the file upload functionality

Advisory ID Internal CORE-2020-0003 1. Advisory Information Title : GWTUpload XSS in the file upload functionality Advisory ID : CORE-2020-0003 Date published : 2020-03-04 Date of last update : 2020-03-04 Vendors contacted : Manuel Carrasco Moñino https://github.com/manolo/gwtupload Release mode ...

6.1CVSS6.6AI score0.00305EPSS
Exploits1
Veracode
Veracodeadded 2020/03/02 9:19 a.m.12 views

Cross-site Scripting (XSS)

gwtupload-samples is vulnerable to cross-site scripting XSS. The attack is possible because it allows the attacker to input malicious file names using the upload functionality, leading to an execution of malicious script when the filename is processed...

6.1CVSS2.7AI score0.00305EPSS
Exploits1References2Affected Software1
OSV
OSVadded 2020/02/28 4:15 p.m.11 views

CVE-2020-9447

There is an XSS cross-site scripting vulnerability in GwtUpload 1.0.3 in the file upload functionality. Someone can upload a file with a malicious filename, which contains JavaScript code, which would result in XSS. Cross-site scripting enables attackers to steal data, change the appearance of a...

6.1CVSS5.7AI score
Exploits0References2
NVD
NVDadded 2020/02/28 4:15 p.m.7 views

CVE-2020-9447

There is an XSS cross-site scripting vulnerability in GwtUpload 1.0.3 in the file upload functionality. Someone can upload a file with a malicious filename, which contains JavaScript code, which would result in XSS. Cross-site scripting enables attackers to steal data, change the appearance of a...

6.1CVSS6AI score0.00305EPSS
Exploits1References2
Prion
Prionadded 2020/02/28 4:15 p.m.12 views

Cross site scripting

There is an XSS cross-site scripting vulnerability in GwtUpload 1.0.3 in the file upload functionality. Someone can upload a file with a malicious filename, which contains JavaScript code, which would result in XSS. Cross-site scripting enables attackers to steal data, change the appearance of a...

4.3CVSS5.9AI score0.00305EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2020/02/28 3:7 p.m.11 views

CVE-2020-9447

There is an XSS cross-site scripting vulnerability in GwtUpload 1.0.3 in the file upload functionality. Someone can upload a file with a malicious filename, which contains JavaScript code, which would result in XSS. Cross-site scripting enables attackers to steal data, change the appearance of a...

6AI score0.00305EPSS
Exploits1References2
Rows per page
Query Builder