359 matches found
NodeBB XML-RPC Request xmlrpc.php - XML Injection
A remote code execution RCE vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC requests. id: CVE-2023-43187 info: name: NodeBB XML-RPC Request xmlrpc.php - XML Injection author: 0xParth...
CVE-2021-47746
NodeBB Plugin Emoji 3.2.1 contains an arbitrary file write vulnerability that allows administrative users to write files to arbitrary system locations through the emoji upload API. Attackers with admin access can craft file upload requests with directory traversal to overwrite system files by...
CVE-2021-47746
NodeBB Plugin Emoji 3.2.1 contains an arbitrary file write vulnerability that allows administrative users to write files to arbitrary system locations through the emoji upload API. Attackers with admin access can craft file upload requests with directory traversal to overwrite system files by...
CVE-2021-47746
CVE-2021-47746 concerns an arbitrary file write in the NodeBB Plugin Emoji 3.2.1. The vulnerability exists in the emoji upload API where an attacker with administrative access can craft file upload requests using directory traversal to overwrite arbitrary system files. Affected software: NodeBB P...
CVE-2021-47746 NodeBB Plugin Emoji 3.2.1 - Arbitrary File Write
NodeBB Plugin Emoji 3.2.1 contains an arbitrary file write vulnerability that allows administrative users to write files to arbitrary system locations through the emoji upload API. Attackers with admin access can craft file upload requests with directory traversal to overwrite system files by...
CVE-2021-47746 NodeBB Plugin Emoji 3.2.1 - Arbitrary File Write
NodeBB Plugin Emoji 3.2.1 contains an arbitrary file write vulnerability that allows administrative users to write files to arbitrary system locations through the emoji upload API. Attackers with admin access can craft file upload requests with directory traversal to overwrite system files by...
CVE-2021-47746
NodeBB Plugin Emoji 3.2.1 contains an arbitrary file write vulnerability that allows administrative users to write files to arbitrary system locations through the emoji upload API. Attackers with admin access can craft file upload requests with directory traversal to overwrite system files by...
Emoji for NodeBB security vulnerability
Emoji for NodeBB is an emoji plugin developed by NodeBB. Version 3.2.1 of Emoji for NodeBB contains a security vulnerability. This vulnerability stems from the possibility of arbitrary file writing through the emoji upload API, which could lead to overwriting system files...
PT-2026-3793
Name of the Vulnerable Software and Affected Versions NodeBB Plugin Emoji version 3.2.1 Description The NodeBB Plugin Emoji version 3.2.1 has a flaw that allows administrative users to write files to arbitrary system locations. This is possible through the emoji upload API by manipulating the fil...
CVE-2023-43187
A remote code execution RCE vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC requests...
EUVD-2021-2408
Malware in sbrugna...
EUVD-2021-2372
Malware in sbrugna...
EUVD-2019-0456
Malware in sbrugna...
EUVD-2020-7232
Malware in sbrugna...
EUVD-2021-2354
Malware in sbrugna...
EUVD-2020-0586
Malware in sbrugna...
EUVD-2023-1957
Malicious code in bioql PyPI...
EUVD-2023-34971
Malicious code in bioql PyPI...
EUVD-2025-11882
Malicious code in bioql PyPI...
EUVD-2024-53506
Malicious code in bioql PyPI...