23 matches found
CVE-2025-12250
A flaw has been found in OpenWGA 7.11.12 Build 737. This affects an unknown function of the file WGA.File of the component TMLScript API. Executing manipulation can lead to path traversal. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was...
CVE-2025-12251
A vulnerability has been found in OpenWGA 7.11.12 Build 737. This impacts an unknown function of the component Admin UI. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted ear...
CVE-2025-12250
A flaw has been found in OpenWGA 7.11.12 Build 737. This affects an unknown function of the file WGA.File of the component TMLScript API. Executing manipulation can lead to path traversal. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was...
CVE-2025-12251
A vulnerability has been found in OpenWGA 7.11.12 Build 737. This impacts an unknown function of the component Admin UI. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted ear...
EUVD-2025-36132
A vulnerability has been found in OpenWGA 7.11.12 Build 737. This impacts an unknown function of the component Admin UI. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted ear...
CVE-2025-12251 OpenWGA Admin UI cross site scripting
A vulnerability has been found in OpenWGA 7.11.12 Build 737. This impacts an unknown function of the component Admin UI. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted ear...
CVE-2025-12251 OpenWGA Admin UI cross site scripting
A vulnerability has been found in OpenWGA 7.11.12 Build 737. This impacts an unknown function of the component Admin UI. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted ear...
CVE-2025-12251
OpenWGA 7.11.12 Build 737 — vulnerability in the Admin UI component enables cross-site scripting. The issue affects the Admin UI function; root cause is a flaw that allows remote execution of scripts. Impact is client-side data integrity/defense separation with potential for arbitrary script exec...
EUVD-2025-36133
A flaw has been found in OpenWGA 7.11.12 Build 737. This affects an unknown function of the file WGA.File of the component TMLScript API. Executing manipulation can lead to path traversal. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was...
CVE-2025-12250 OpenWGA TMLScript API WGA.File path traversal
A flaw has been found in OpenWGA 7.11.12 Build 737. This affects an unknown function of the file WGA.File of the component TMLScript API. Executing manipulation can lead to path traversal. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was...
CVE-2025-12250
OpenWGA 7.11.12 Build 737 is affected by a path traversal flaw in the WGA.File component of the TMLScript API. Attack requires no user interaction and can be launched remotely; an exploit has been published. The root cause is described as an incorrect manipulation within WGA.File leading to path ...
CVE-2025-12250 OpenWGA TMLScript API WGA.File path traversal
A flaw has been found in OpenWGA 7.11.12 Build 737. This affects an unknown function of the file WGA.File of the component TMLScript API. Executing manipulation can lead to path traversal. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was...
PT-2025-43909
Name of the Vulnerable Software and Affected Versions OpenWGA version 7.11.12 Build 737 Description A security issue exists in OpenWGA that allows for cross site scripting. The issue impacts an unknown function within the Admin UI component and can be initiated remotely. The exploit for this issu...
OpenWGA 代码注入漏洞
OpenWGA is an OpenWGA open source content management system and web application development platform. A code injection vulnerability exists in OpenWGA version 7.11.12 Build 737, which stems from a cross-site scripting vulnerability in the Admin UI component...
PT-2025-43908
Name of the Vulnerable Software and Affected Versions OpenWGA version 7.11.12 Build 737 Description A flaw exists in OpenWGA that can lead to path traversal. The issue affects an unknown function within the WGA.File of the TMLScript API component. It is possible to launch the attack remotely. An...
OpenWGA 路径遍历漏洞
OpenWGA is an OpenWGA open source content management system and web application development platform. A path traversal vulnerability exists in OpenWGA version 7.11.12 Build 737, which stems from incorrect manipulation of the TMLScript API component in the file WGA.File, and could lead to a path...
OpenWGA Developer Studio 3.1.0 OpenDialog Arbitrary Code Execution Vulnerability
OpenWGA Developer Studio is all the development and deployment tools necessary to create, develop, deploy, share and maintain OpenWGA CMS applications packaged together with OpenWGA CMS Server. An arbitrary code execution vulnerability exists in OpenWGA Developer Studio. The vulnerability allows...
OpenWGA Content Manager Detection (HTTP)
HTTP based detection of OpenWGA Content Manager. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OpenWGA Content Manager XSS Vulnerability
OpenWGA Content Manager is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
OpenWGA Developer Studio 3.1.0 OpenDialog Arbitrary Code Execution
OpenWGA Developer Studio 3.1.0 OpenDialog Arbitrary Code Execution Vendor: Innovation Gate GmbH Product web page: https://www.openwga.com Affected version: 3.1.0.r00147 Summary: The OpenWGA Developer Studio packages an OpenWGA CMS server together with all necessary development and deployment...