
8 matches found

GitHub Security Blog
added 2024/11/26 6:38 p.m. | 19 views

TCPDF Local File Inclusion vulnerability

A Local File Inclusion (LFI) vulnerability has been discovered in TCPDF 6.7.5. This vulnerability enables a user to read arbitrary files from the server's file system through the src tag, potentially exposing sensitive information...

CVSS 6.2 | AI score 6.7 | EPSS 0.00816
Exploits: 0 | References: 6 | Affected Software: 1

OSV
added 2024/11/26 6:38 p.m. | 8 views

GHSA-RMV2-8JJC-23XW TCPDF Local File Inclusion vulnerability

A Local File Inclusion (LFI) vulnerability has been discovered in TCPDF 6.7.5. This vulnerability enables a user to read arbitrary files from the server's file system through the src tag, potentially exposing sensitive information...

CVSS 6.9 | AI score 6.1 | EPSS 0.00816
Exploits: 0 | References: 5

CVE
added 2024/11/26 12:0 a.m. | 70 views

CVE-2024-51058

CVE-2024-51058 is a Local File Inclusion (LFI) vulnerability in TCPDF. Impact: reading arbitrary server files via an src tag. Affects TCPDF 6.7.5 (per initial description). Exploitation details are not provided beyond the LFI vector; no in‑the‑wild exploitation data is included in the supplied d...

CVSS 6.2 | AI score 6.8 | EPSS 0.00816
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2024/11/26 12:0 a.m. | 14 views

CVE-2024-51058

A Local File Inclusion (LFI) vulnerability has been discovered in TCPDF 6.7.5. This vulnerability enables a user to read arbitrary files from the server's file system through the src tag, potentially exposing sensitive information...

EPSS 0.00816
Exploits: 0 | References: 3

CVE
added 2006/02/02 11:0 a.m. | 36 views

CVE-2006-0521

CVE-2006-0521 is a Cross-site scripting (XSS) vulnerability in BrowserCRM’s results.php where a manipulated query parameter can inject arbitrary script/HTML (demonstrated with an IMG SRC tag). Affects BrowserCRM; CVSS v2 base score 4.3 (MEDIUM). No explicit exploit details or remediation are prov...

CVSS 4.3 | AI score 5.7 | EPSS 0.01342
Exploits: 0 | References: 7 | Affected Software: 1

CVE
added 2005/02/20 5:0 a.m. | 56 views

CVE-2004-1594

CVE-2004-1594 is an XSS vulnerability in FuseTalk 4.0 where an attacker can trigger arbitrary script execution via an image tag (img src). Public references (NVD/NIST, CVSS 2.0 base score 4.3) corroborate a web context with no authentication required and partial integrity impact. A Nessus NASL en...

CVSS 4.3 | AI score 6.2 | EPSS 0.0127
Exploits: 1 | References: 4 | Affected Software: 1

CVE
added 2000/02/04 5:0 a.m. | 63 views

CVE-1999-0490

MSHTML.DLL in Internet Explorer 5.0 is affected by CVE-1999-0490. The vulnerability enables a remote attacker to cause information disclosure by using an IMG SRC tag to learn local file information. The documented impact is partial disclosure of data from the target user’s files, with network-bas...

CVSS 7.5 | AI score 6.5 | EPSS 0.0993
Exploits: 0 | References: 1 | Affected Software: 1

exploitpack
added 1999/11/02 12:0 a.m. | 16 views

IBM HomePagePrint 1.0 7 - Remote Buffer Overflow

Source: https://www.securityfocus.com/bid/763/info
Certain versions of the IBM Web page printout software "IBM HomePagePrint" can in some instances be remotely exploited by malicious webservers. The problem lies in a buffer overflow in the code...

AI score 0.7
Exploits: 0