Lucene search
K

12 matches found

EUVD
EUVD
added 2026/05/11 6:31 a.m.8 views

EUVD-2026-29022

A security vulnerability has been detected in Tenda AC6 15.03.06.23. Affected by this issue is the function getlogfile of the file /goform/getLogFile of the component httpd. The manipulation of the argument wans.flag leads to os command injection. The attack can be initiated remotely. The exploit...

7.2CVSS5.6AI score0.04412EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/03/06 7:11 a.m.95 views

CVE-2026-29059 Windmill: SUPERADMIN_SECRET (rarely used) can be accessed publicly

Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Prior to version 1.603.3, an unauthenticated path traversal vulnerability exists in Windmill's getlogfile endpoint "/api/w/workspace/jobsu/getlogfile/filename". The filename parameter is...

6.9CVSS0.02584EPSS
Exploits0References2
CVE
CVE
added 2026/03/06 7:11 a.m.38 views

CVE-2026-29059

CVE-2026-29059 (Windmill) : Windmill

7.5CVSS5.8AI score0.02584EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/06 12:0 a.m.2 views

PT-2026-23658

Name of the Vulnerable Software and Affected Versions Windmill versions prior to 1.603.3 Description Windmill is a developer platform for internal code, including APIs, background jobs, workflows, and UIs. A path traversal issue exists in the get log file API endpoint "/api/w/workspace/jobs u/get...

6.9CVSS5.9AI score0.02584EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-31786

Malicious code in bioql PyPI...

6.1CVSS4.9AI score0.00738EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 6:17 a.m.10 views

CVE-2024-3194

A vulnerability was found in MailCleaner up to 2023.03.14 and classified as problematic. Affected by this issue is some unknown functionality of the component Log File Endpoint. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to...

6.1CVSS6.2AI score0.00738EPSS
Exploits1References1
NVD
NVD
added 2024/04/29 7:15 a.m.14 views

CVE-2024-3194

A vulnerability was found in MailCleaner up to 2023.03.14 and classified as problematic. Affected by this issue is some unknown functionality of the component Log File Endpoint. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to...

6.1CVSS4.3AI score0.00738EPSS
Exploits1References5
OSV
OSV
added 2024/04/29 7:15 a.m.7 views

CVE-2024-3194

A vulnerability was found in MailCleaner up to 2023.03.14 and classified as problematic. Affected by this issue is some unknown functionality of the component Log File Endpoint. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to...

6.1CVSS3.5AI score0.00738EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/04/29 6:22 a.m.11 views

CVE-2024-3194 MailCleaner Log File Endpoint cross site scripting

A vulnerability was found in MailCleaner up to 2023.03.14 and classified as problematic. Affected by this issue is some unknown functionality of the component Log File Endpoint. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to...

5CVSS6.2AI score0.00738EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/04/29 6:22 a.m.21 views

CVE-2024-3194 MailCleaner Log File Endpoint cross site scripting

A vulnerability was found in MailCleaner up to 2023.03.14 and classified as problematic. Affected by this issue is some unknown functionality of the component Log File Endpoint. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to...

5CVSS4.7AI score0.00738EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/12/18 12:0 a.m.4 views

Apache Doris 安全漏洞

Apache Doris is a modern MPP analytic database product of the U.S. Apache Apache Foundation. Can provide sub-second queries and efficient real-time data analysis. Apache Doris suffers from an authorization issue vulnerability that stems from api /api/snapshot and /api/getlogfile allowing...

8.2CVSS7AI score0.00898EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/18 12:0 a.m.5 views

PT-2023-27900 · Softwarex · Softwarex

Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to 2.0.3 Description: The issue allows unauthenticated access through the API endpoints "/api/snapshot" and "/api/get log file". This could potentially lead to a DoS attack or allow an attacker to retrieve arbitrary...

8.2CVSS8.2AI score0.00898EPSS
Exploits0References3
Rows per page
Query Builder