Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.15 views

EUVD-2025-26642

Malicious code in bioql PyPI...

9.3CVSS6.4AI score0.01557EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/09/03 8:19 p.m.7 views

CVE-2025-55748 XWiki Platform's configuration files can be accessed through jsx and sx endpoints

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 4.2-milestone-2 through 16.10.6, configuration files are accessible through jsx and sx endpoints. It's possible to access and read configuration files by using URLs such as...

9.3CVSS0.01639EPSS
Exploits0References3
CVE
CVE
added 2025/09/03 8:19 p.m.41 views

CVE-2025-55748

Affected product : XWiki Platform. Vulnerability : path traversal through the jsx and sx endpoints that allows remote attackers to read configuration files. Root cause : improper access control enabling traversal to read files like WEB-INF/xwiki.cfg. Versions affected : 4.2-milestone-2 through 16...

9.3CVSS6.2AI score0.01639EPSS
In wildExploits0References3Affected Software1
CVE
CVE
added 2025/09/03 8:12 p.m.23 views

CVE-2025-55747

CVE-2025-55747 — XWiki Platform Information Disclosure . Affected: XWiki Platform versions 6.1-milestone-2 through 16.10.6. Root cause: configuration files are exposed via the webjars API, enabling remote access to sensitive configuration data. Evidence across connected sources confirms this is a...

9.3CVSS6.3AI score0.01557EPSS
In wildExploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/03 12:0 a.m.5 views

PT-2025-35831

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 6.1-milestone-2 through 16.10.6 Description: The XWiki Platform is a generic wiki platform. Affected versions allow access to configuration files through the webjars API. This issue is resolved in version 16.10.7...

9.3CVSS6.4AI score0.01557EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/12/12 12:0 a.m.5 views

XWiki Platform 安全漏洞

XWiki Platform is XWiki's open source suite of wiki platforms for creating web collaboration applications. A security vulnerability exists in XWiki Platform versions 1.2-milestone-2 through 16.3.0, which stems from the fact that any user with a master wiki account can run scheduling operations on...

5.4CVSS5.3AI score0.00553EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/08/24 12:0 a.m.17 views

XWiki 4.3-milestone-2 < 14.10.5 Privilege Escalation Vulnerability (GHSA-5mf8-v43w-mfxp)

XWiki is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescripti...

9.9CVSS8.6AI score0.00983EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2023/08/18 12:0 a.m.19 views

XWiki 4.0-milestone-2 < 13.10.11, 14.0-rc-1 < 14.4.8, 14.5 < 14.10.1 XSS Vulnerability (GHSA-44h9-xxvx-pg6x)

Xwiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

7.7CVSS5.2AI score0.00567EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/07/26 12:0 a.m.18 views

XWiki 2.5-milestone-2 < 13.10.11, 14.0-rc-1 < 14.4.8, 14.5 < 14.10.1 Information Disclosure Vulnerability (GHSA-m3c3-9qj7-7xmx)

Xwiki is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

7.5CVSS7.2AI score0.0101EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/07/13 12:0 a.m.15 views

XWiki 4.3-milestone-2 < 14.10.2 Code Injection Vulnerability (GHSA-4v38-964c-xjmw)

Xwiki is prone to a code injection vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...

9.9CVSS8.7AI score0.01864EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/05/09 12:0 a.m.7 views

XWiki Platform 安全漏洞

XWiki Platform is a suite of Wiki platforms for creating web collaboration applications from the XWiki Foundation in France. A security vulnerability exists in XWiki Platform versions 3.3-milestone-2, prior to 14.10.4, and prior to 15.0-rc-1, which stems from a user being able to perform any acti...

9.9CVSS7.9AI score0.00779EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.18 views

XWiki 6.3-milestone-2 < 13.10.11, 14.x < 14.4.7, 14.5.x < 14.10 Eval Injection Vulnerability (GHSA-qxjg-jhgw-qhrv)

Xwiki is prone to an eval injection vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...

9.9CVSS9AI score0.01144EPSS
Exploits1References3
exploitpack
exploitpack
added 2005/07/18 12:0 a.m.15 views

osCommerce 2.2 - update.php Information Disclosure

osCommerce 2.2 - update.php Information Disclosure source: https://www.securityfocus.com/bid/14294/info osCommerce is prone to an information-disclosure vulnerability. An attacker could exploit this vulnerability to display the contents of any file normally readable by the webserver process...

7.2AI score
Exploits0
Exploit DB
Exploit DB
added 2005/07/18 12:0 a.m.30 views

osCommerce 2.2 - &#039;update.php&#039; Information Disclosure

source: https://www.securityfocus.com/bid/14294/info osCommerce is prone to an information-disclosure vulnerability. An attacker could exploit this vulnerability to display the contents of any file normally readable by the webserver process. Successful exploitation would result in information...

7AI score
Exploits0
Rows per page
Query Builder