Lucene search
+L

32 matches found

CNNVD
CNNVD
added 2024/10/25 12:0 a.m.4 views

MangoOS 安全漏洞

MangoOS is an open source JavaScript object-oriented programming library from Automattic. A security vulnerability exists in MangoOS versions prior to 5.1.4 and Mango API versions prior to 4.5.5, which originates from an arbitrary file upload and allows attackers to execute arbitrary code via a...

9.8CVSS7.7AI score0.0088EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/25 12:0 a.m.4 views

MangoOS 安全漏洞

MangoOS is an open source JavaScript object-oriented programming library from Automattic. A security vulnerability exists in MangoOS versions prior to 5.2.0, which stems from vulnerability to a stored cross-site scripting attack that allows an attacker to execute arbitrary web script or HTML via ...

5.4CVSS5.8AI score0.00227EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/25 12:0 a.m.7 views

MangoOS 安全漏洞

MangoOS is an open source JavaScript object-oriented programming library from Automattic. A security vulnerability exists in MangoOS versions prior to 5.2.0, which stems from authenticated Remote Code Execution RCE via the Active Process Command feature...

7.2CVSS7.2AI score0.00749EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/25 12:0 a.m.10 views

CVE-2024-37846

MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection CSTI vulnerability via the Platform Management Edit page...

7.8AI score0.00296EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/25 12:0 a.m.13 views

PT-2024-27780 · Mangoos · Mangoos

Name of the Vulnerable Software and Affected Versions: MangoOS versions prior to 5.2.0 Description: The issue is related to a Client-Side Template Injection CSTI vulnerability. This vulnerability can be exploited via the Platform Management Edit page. Recommendations: For versions prior to 5.2.0,...

9.8CVSS7.4AI score0.00296EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/10/25 12:0 a.m.18 views

CVE-2024-37846

MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection CSTI vulnerability via the Platform Management Edit page...

0.00296EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/25 12:0 a.m.26 views

CVE-2024-37845

MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the Active Process Command feature...

0.00749EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/25 12:0 a.m.17 views

CVE-2024-37847

An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows attackers to execute arbitrary code via a crafted file...

0.0088EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/25 12:0 a.m.11 views

CVE-2024-37847

An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows attackers to execute arbitrary code via a crafted file...

8AI score0.0088EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/25 12:0 a.m.6 views

PT-2024-27781 · Mango Api +1 · Mango Api +1

Name of the Vulnerable Software and Affected Versions: MangoOS versions prior to 5.1.4 Mango API versions prior to 4.5.5 Description: An arbitrary file upload issue allows attackers to execute arbitrary code via a crafted file. Recommendations: For MangoOS versions prior to 5.1.4, update to versi...

9.8CVSS8.1AI score0.0088EPSS
Exploits0References7
CVE
CVE
added 2024/10/25 12:0 a.m.57 views

CVE-2024-37845

MangoOS is affected by CVE-2024-37845: versions prior to 5.2.0 expose an authenticated remote code execution (RCE) vulnerability through the Active Process Command feature. The issue is confirmed by multiple sources in the connected set (including PT-2024-27779 and Red Hat/NVD records). Impact de...

7.2CVSS8.3AI score0.00749EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/10/25 12:0 a.m.19 views

CVE-2024-37844

A stored cross-site scripting XSS vulnerability in MangoOS before 5.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

0.00227EPSS
Exploits0References2
Rows per page
Query Builder