Lucene search
+L

27 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-1543

Malicious code in bioql PyPI...

9CVSS7.4AI score0.00888EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-57358

Malicious code in bioql PyPI...

7.8CVSS5.8AI score0.00194EPSS
Exploits0References2
NVD
NVD
added 2023/09/16 9:15 p.m.24 views

CVE-2023-5012

A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to unquoted search path. Attacking locally is a requiremen...

7.8CVSS6AI score0.00194EPSS
Exploits0References2
OSV
OSV
added 2023/09/16 9:15 p.m.8 views

CVE-2023-5012

A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to unquoted search path. Attacking locally is a requiremen...

7.8CVSS5AI score0.00194EPSS
Exploits0References2
Prion
Prion
added 2023/09/16 9:15 p.m.23 views

Design/Logic Flaw

A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to unquoted search path. Attacking locally is a requiremen...

4.3CVSS7.5AI score0.00194EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/09/16 8:31 p.m.69 views

CVE-2023-5012 Topaz OFD Protection Module Warsaw core.exe unquoted search path

A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to unquoted search path. Attacking locally is a requiremen...

5.3CVSS7.8AI score0.00194EPSS
Exploits0References2
CVE
CVE
added 2023/09/16 8:31 p.m.72 views

CVE-2023-5012

The CVE-2023-5012 issue affects Topaz OFD version 2.11.0.201, specifically the Warsaw Protection Module core.exe component located under C:\Program Files\Topaz OFD\Warsaw\core.exe. The root cause is an unquoted search path, enabling local attacker access. There is no indication of remote exploita...

7.8CVSS6.2AI score0.00194EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/09/16 12:0 a.m.7 views

Topaz Labs OFD Code Issue Vulnerability

Topaz Labs OFD is an application from Topaz Labs, Inc. A code issue vulnerability exists in Topaz Labs OFD version 2.11.0.201, which stems from an unknown section of the C:Program FilesTopaz OFDWarsawcore.exe file in the component Protection Module Warsaw, resulting in an unquoted search path...

7.8CVSS7.1AI score0.00194EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/09/16 12:0 a.m.9 views

PT-2023-31479 · Topaz Ofd · Topaz Ofd

Name of the Vulnerable Software and Affected Versions: Topaz OFD version 2.11.0.201 Description: A problematic vulnerability was found in Topaz OFD, affecting an unknown part of the file C:Program FilesTopaz OFDWarsawcore.exe of the component Protection Module Warsaw. The manipulation leads to an...

7.8CVSS7.2AI score0.00194EPSS
Exploits0References5
Exploit DB
Exploit DB
added 2022/05/17 12:0 a.m.209 views

Showdoc 2.10.3 - Stored Cross-Site Scripting (XSS)

Exploit Title: Showdoc 2.10.3 - Stored Cross-Site Scripting XSS Exploit Author: Akshay Ravi Vendor Homepage: https://github.com/star7th/showdoc Software Link: https://github.com/star7th/showdoc/releases/tag/v2.10.3 Version: alert1" 2. Login to showdoc v2.10.2 and go to file library Endpoint =...

6.9CVSS5.5AI score0.03274EPSS
Exploits4
Huntr
Huntr
added 2022/03/23 2:33 a.m.10 views

Stored XSS via upload file

Description In document feature, you can upload a file .ofd which can have xss Proof of Concept // xss.ofd alert1 Step 1: Go to Support - Documents Step 2: Click Create Documents Step 3: At the Download type, choose Internal. Upload file xss.ofd above. Step 4: Go to that file link, such as:...

7AI score
Exploits0
Veracode
Veracode
added 2022/03/22 8:34 a.m.18 views

Cross-site Scripting (XSS)

showdoc/showdoc is vulnerable to stored cross-site scripting. The vulnerability exists due to lack of xss validations for uploaded OFD files before they get stored which allows an attacker to inject and execute arbitrary javascript...

5.4CVSS2.9AI score0.03274EPSS
Exploits4References4Affected Software1
CNVD
CNVD
added 2022/03/21 12:0 a.m.34 views

showdoc Cross-Site Scripting Vulnerability (CNVD-2022-21807)

showdoc is open source and a great tool for IT teams to share documents online. showdoc versions prior to 2.10.4 have a security vulnerability that stems from the application allowing the upload of .ofd files, which leads to a cross-site scripting vulnerability. No detailed vulnerability details...

9CVSS2AI score0.00888EPSS
Exploits1References1
CNVD
CNVD
added 2022/03/17 12:0 a.m.19 views

showdoc .ofd file upload vulnerability

showdoc is an open source tool for IT teams to share documents online. showdoc versions prior to v2.10.4 are vulnerable to file uploads, which stem from the lack of effective detection of .ofd file extensions in the application's file upload feature. An attacker could use this vulnerability to...

6.9CVSS1.5AI score0.03274EPSS
Exploits4References1
OSV
OSV
added 2022/03/16 12:0 a.m.17 views

GHSA-3PG8-C473-W6RR Stored Cross-site Scripting in showdoc

ShowDoc is a tool for an IT team to share documents online. showdoc contains a stored cross-site scripting vulnerability in the File Library page when uploading a file in .ofd format in versions prior to 2.10.4. At this time, there is no known workaround. Users should update to version 2.10.4...

6.9CVSS5AI score0.03274EPSS
Exploits4References4
OSV
OSV
added 2022/03/16 12:0 a.m.18 views

GHSA-V8MP-HHJQ-H4CJ Cross-site Scripting in ShowDoc

ShowDoc prior to 2.10.4 is vulnerable to stored cross-site scripting via .ofd file upload...

5.4CVSS5.1AI score0.00888EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2022/03/16 12:0 a.m.19 views

Stored Cross-site Scripting in showdoc

ShowDoc is a tool for an IT team to share documents online. showdoc contains a stored cross-site scripting vulnerability in the File Library page when uploading a file in .ofd format in versions prior to 2.10.4. At this time, there is no known workaround. Users should update to version 2.10.4...

6.9CVSS1.8AI score0.03274EPSS
Exploits4References4Affected Software1
NVD
NVD
added 2022/03/15 4:15 p.m.21 views

CVE-2022-0965

Stored XSS viva .ofd file upload in GitHub repository star7th/showdoc prior to 2.10.4...

9CVSS0.00888EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/03/15 3:35 p.m.20 views

CVE-2022-0965 Stored XSS viva .ofd file upload in star7th/showdoc

Stored XSS viva .ofd file upload in GitHub repository star7th/showdoc prior to 2.10.4...

9CVSS5.5AI score0.00888EPSS
Exploits1References2
Huntr
Huntr
added 2022/03/14 2:39 p.m.30 views

Stored XSS via File Upload in star7th/showdoc in star7th/showdoc

Description Stored XSS via uploading file in .ofd format. Proof of Concept filename="test.ofd" alert1 Steps to Reproduce 1. Login into showdoc.com.cn. 2. Navigate to file library https://www.showdoc.com.cn/attachment/index 3. In the File Library page, click the Upload button and choose the test.o...

3.5CVSS5.2AI score0.03274EPSS
Exploits4
Rows per page
Query Builder