Lucene search
K

8 matches found

NVD
NVD
added 2026/06/26 7:16 p.m.9 views

CVE-2026-54753

Nx is a monorepo solution for TypeScript and polyglot codebases. From 17.0.4 until 22.7.2 and 23.0.0-beta.2, the local HTTP server started by nx graph sent Access-Control-Allow-Origin: on every response, letting any website a developer visited read the server's responses cross-origin — including...

5.9CVSS0.00812EPSS
Exploits0References2
NVD
NVD
added 2026/01/15 4:16 p.m.4 views

CVE-2021-47776

Umbraco CMS v8.14.1 contains a server-side request forgery vulnerability that allows attackers to manipulate baseUrl parameters in multiple dashboard and help controller endpoints. Attackers can craft malicious requests to the GetContextHelpForPage, GetRemoteDashboardContent, and...

6.9CVSS0.00343EPSS
Exploits1References3
CVE
CVE
added 2026/01/15 3:52 p.m.13 views

CVE-2021-47776

Umbraco CMS v8.14.1 is affected by a server-side request forgery due to improper validation of the baseUrl parameter in dashboard and help endpoints. The vulnerability enables an attacker to force the server to perform unauthorized requests to external hosts via the GetContextHelpForPage, GetRemo...

6.9CVSS6.5AI score0.00343EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.3 views

Tdarr 操作系统命令注入漏洞

Tdarr is a multimedia transcoding automation platform from Tdarr Inc. Tdarr version 2.00.15 suffers from an operating system command injection vulnerability that stems from unauthenticated remote code execution in the Help endpoint, which could lead an attacker to inject and link arbitrary comman...

9.8CVSS6.5AI score0.0119EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/08/21 8:9 p.m.15 views

CVE-2010-20109 Barracuda Spam & Virus Firewall "locale" Path Traversal

Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the viewhelp.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...

8.7CVSS0.01088EPSS
Exploits0References4
CVE
CVE
added 2025/08/21 8:9 p.m.14 views

CVE-2010-20109

CVE-2010-20109 affects Barracuda Spam & Virus Firewall, SSL VPN, and Web Application Firewall before October 2010. The flaw is a path traversal in the view_help.cgi endpoint caused by improper sanitization of the locale parameter, allowing unauthenticated remote attackers to inject traversal sequ...

8.7CVSS7.3AI score0.01088EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/21 12:0 a.m.4 views

PT-2025-34285 · Undefined · Undefined

Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the view help.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...

8.7CVSS7.3AI score0.01088EPSS
Exploits0References5
CNVD
CNVD
added 2015/04/08 12:0 a.m.8 views

Citrix NetScaler Nitro help/rt/large_search.html Cross-Site Scripting Vulnerability

Citrix NetScaler is a network traffic management product. A cross-site scripting vulnerability in Citrix NetScaler help/rt/largesearch.html allows an attacker to inject malicious script code via the searchQuery parameter...

4.3CVSS6.5AI score0.0196EPSS
Exploits1References1
Rows per page
Query Builder