Lucene search
+L

6 matches found

osv
osv
added 2026/07/09 6:42 p.m.2 views

SUSE-SU-2026:2830-1 Security update for warewulf4

This update for warewulf4 fixes the following issues: Update to v4.7.0. Security issues fixed: - CVE-2025-69725: incorrect input validation in the RedirectSlashes function can lead to an open redirect bsc1258511. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when giv...

9.6CVSS6.5AI score0.00781EPSS
Exploits0References11
vulnrichment
vulnrichment
added 2024/07/21 4:0 a.m.19 views

CVE-2024-6937 formtools.org Form Tools Import Option List edit.php curl_exec file inclusion

A vulnerability, which was classified as problematic, was found in formtools.org Form Tools 3.1.1. Affected is the function curlexec of the file /admin/forms/optionlists/edit.php of the component Import Option List. The manipulation of the argument url leads to file inclusion. It is possible to...

5.1CVSS6.8AI score0.00368EPSS
Exploits0References4
cvelist
cvelist
added 2024/07/21 4:0 a.m.30 views

CVE-2024-6937 formtools.org Form Tools Import Option List edit.php curl_exec file inclusion

A vulnerability, which was classified as problematic, was found in formtools.org Form Tools 3.1.1. Affected is the function curlexec of the file /admin/forms/optionlists/edit.php of the component Import Option List. The manipulation of the argument url leads to file inclusion. It is possible to...

5.1CVSS0.00368EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2024/07/21 12:0 a.m.9 views

PT-2024-37975 · Unknown · Form Tools

Name of the Vulnerable Software and Affected Versions: Form Tools version 3.1.1 Description: A problematic issue was found in the Import Option List component, specifically affecting the curl exec function in the /admin/forms/option lists/edit.php file. The manipulation of the url argument leads ...

5.1CVSS4.2AI score0.00368EPSS
Exploits0References8
exploitdb
exploitdb
added 2017/11/27 12:0 a.m.65 views

Diving Log 6.0 - XML External Entity Injection

Exploit Title: Diving Log 6.0 XXE Injection + Date: 27-11-2017 + Exploit Author: Trent Gordon + Vendor Homepage: http://www.divinglog.de + Software Link: http://www.divinglog.de/english/download/ + Disclosed at: https://thenopsled.com/divinglog.txt + Version: 6.0 + Tested on: Windows 7 SP1,...

5.5CVSS5.5AI score0.03663EPSS
Exploits5
nessus
nessus
added 2017/08/14 12:0 a.m.42 views

FreeBSD : GitLab -- two vulnerabilities (abcc5ad3-7e6a-11e7-93f7-d43d7e971a1b)

GitLab reports : Remote Command Execution in git client An external code review performed by Recurity-Labs identified a remote command execution vulnerability in git that could be exploited via the 'Repo by URL' import option in GitLab. The command line git client was not properly escaping comman...

8.8CVSS8.4AI score0.0354EPSS
Exploits1References3
Rows per page
Query Builder