Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-5352

Malware in sbrugna...

6.1CVSS6.3AI score0.00707EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2018-3387

Malware in sbrugna...

6.1CVSS6.3AI score0.00712EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-5351

Malware in sbrugna...

6.1CVSS6.3AI score0.00707EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-4263

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.0053EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/07/04 12:0 a.m.3 views

PT-2025-27947

Name of the Vulnerable Software and Affected Versions: Jirafeau affected versions not specified Description: The issue concerns a MIME Type Bypass Cross-Site Scripting vulnerability in Jirafeau. Normally, Jirafeau prevents browser preview for text files to prevent potential cross-site scripting...

6.1CVSS6.3AI score0.0053EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/05/22 10:48 p.m.9 views

CVE-2022-30110

The file preview functionality in Jirafeau 4.4.0, which is enabled by default, could be exploited for cross site scripting. An attacker could upload image/svg+xml files containing JavaScript. When someone visits the File Preview URL for this file, the JavaScript inside of this image/svg+xml file...

6.1CVSS5.8AI score0.0053EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:52 a.m.8 views

CVE-2018-13409

An issue was discovered in Jirafeau before 3.4.1. The "search file by hash" form is affected by reflected XSS that could allow, by targeting an administrator, stealing a session and gaining administrative privileges...

6.1CVSS6AI score0.00707EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:32 a.m.8 views

CVE-2018-13408

An issue was discovered in Jirafeau before 3.4.1. The "search file by link" form is affected by reflected XSS that could allow, by targeting an administrator, stealing a session and gaining administrative privileges...

6.1CVSS6AI score0.00707EPSS
Exploits1References1
Snyk
Snyk
added 2024/12/06 9:41 p.m.1 views

Cross-site Scripting (XSS)

Overview mojo42/jirafeau is a provides a simple way to upload a file. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to the manipulation of MIME types during the upload process. An attacker can execute scripts in the context of the user's browser session. Details...

6.1CVSS5.5AI score0.00235EPSS
Exploits0References2
Rows per page
Query Builder