54 matches found
CVE-2021-33213
An SSRF vulnerability in the "Upload from URL" feature in Elements-IT HTTP Commander 5.3.3 allows remote authenticated users to retrieve HTTP and FTP files from the internal server network by inserting an internal address...
EUVD-2007-0581
Malware in sbrugna...
EUVD-2021-19923
Malware in sbrugna...
EUVD-2021-19925
Malware in sbrugna...
EUVD-2021-19924
Malware in sbrugna...
EUVD-2022-29452
Malicious code in bioql PyPI...
EUVD-2021-27977
Malicious code in bioql PyPI...
CVE-2022-24573
A stored cross-site scripting XSS vulnerability in the admin interface in Element-IT HTTP Commander 7.0.0 allows unauthenticated users to get admin access by injecting a malicious script in the User-Agent field...
CVE-2021-33211
A Directory Traversal vulnerability in the Unzip feature in Elements-IT HTTP Commander 5.3.3 allows remote authenticated users to write files to arbitrary directories via relative paths in ZIP archives...
CVE-2021-33212
A Cross-site scripting XSS vulnerability in the "View in Browser" feature in Elements-IT HTTP Commander 5.3.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted SVG image...
CVE-2022-24573
A stored cross-site scripting XSS vulnerability in the admin interface in Element-IT HTTP Commander 7.0.0 allows unauthenticated users to get admin access by injecting a malicious script in the User-Agent field...
CVE-2022-24573
A stored cross-site scripting XSS vulnerability in the admin interface in Element-IT HTTP Commander 7.0.0 allows unauthenticated users to get admin access by injecting a malicious script in the User-Agent field...
CVE-2022-24573
A stored cross-site scripting XSS vulnerability in the admin interface in Element-IT HTTP Commander 7.0.0 allows unauthenticated users to get admin access by injecting a malicious script in the User-Agent field...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the admin interface in Element-IT HTTP Commander 7.0.0 allows unauthenticated users to get admin access by injecting a malicious script in the User-Agent field...
CVE-2022-24573
Element-IT HTTP Commander 7.0.0 is affected by a stored cross-site scripting (XSS) vulnerability in the admin interface. The issue allows unauthenticated attackers to obtain admin access by injecting a malicious script through the User-Agent field. The CVE describes the root cause as a stored XSS...
CVE-2022-24573
A stored cross-site scripting XSS vulnerability in the admin interface in Element-IT HTTP Commander 7.0.0 allows unauthenticated users to get admin access by injecting a malicious script in the User-Agent field...
Element-IT HTTP Commander 跨站脚本漏洞
Element-IT HTTP Commander is a server-hosted, web-based file management solution from Element-IT Germany. It provides basic functionality for working with files creating, copying, deleting, etc. and many other additional features, such as integration with cloud services, online editing of Office...
CVE-2021-40813
A cross-site scripting XSS vulnerability in the "Zip content" feature in Element-IT HTTP Commander 3.1.9 allows remote authenticated users to inject arbitrary web script or HTML via filenames...
Cross site scripting
A cross-site scripting XSS vulnerability in the "Zip content" feature in Element-IT HTTP Commander 3.1.9 allows remote authenticated users to inject arbitrary web script or HTML via filenames...
CVE-2021-40813
CVE-2021-40813 documents a cross-site scripting (XSS) vulnerability in the Zip Content feature of Element-IT HTTP Commander 3.1.9. The issue allows remote authenticated users to inject arbitrary web script or HTML via filenames. Affected software: Element-IT HTTP Commander 3.1.9; vulnerable compo...