Lucene search
K

4 matches found

NVD
NVD
added 2025/03/20 10:15 a.m.19 views

CVE-2024-8026

A Cross-Site Request Forgery CSRF vulnerability exists in the backend API of netease-youdao/qanything, as of commit d9ab8bc. The backend server has overly permissive CORS headers, allowing all cross-origin calls. This vulnerability affects all backend endpoints, enabling actions such as creating,...

8.1CVSS0.00228EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/11/03 6:9 a.m.22 views

CVE-2023-41357 Galaxy Software Services Vitals ESP - Arbitrary File Upload

Galaxy Software Services Corporation Vitals ESP is an online knowledge base management portal, it has insufficient filtering and validation during file upload. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload and execute scripts onto arbitrary...

8.8CVSS7.5AI score0.00645EPSS
Exploits0References1
CNVD
CNVD
added 2021/10/25 12:0 a.m.19 views

Alfresco code issue vulnerability

Alfresco is an open source enterprise content management system. The platform pages are developed using Freemarker, and the main features include document management, collaboration, records management, knowledge base management, Web content management, etc. Alfresco has a security vulnerability...

5.3CVSS1.7AI score0.00829EPSS
Exploits0References1
CNVD
CNVD
added 2020/03/13 12:0 a.m.5 views

Chadha Software Technologies PHPKB Standard Multi-Language Cross-Site Scripting Vulnerability (CNVD-2020-17954)

Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A cross-site scripting vulnerability exists in the way URIs are handled in the admin/header.php file in Chadha Software Technologies...

4.8CVSS6.4AI score0.00733EPSS
Exploits1References1
Rows per page
Query Builder