Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-36851

Malicious code in bioql PyPI...

6.5CVSS5.2AI score0.01158EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 10:0 a.m.6 views

CVE-2024-21584

Pleasanter 1.3.49.0 and earlier contains a cross-site scripting vulnerability. If an attacker tricks the user to access the product with a specially crafted URL and perform a specific operation, an arbitrary script may be executed on the web browser of the user...

6.1CVSS6.3AI score0.00355EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:12 a.m.5 views

CVE-2023-32607

Stored cross-site scripting vulnerability in Pleasanter Community Edition and Enterprise Edition 1.3.39.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script...

5.4CVSS5.8AI score0.00527EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:49 a.m.7 views

CVE-2023-32608

Directory traversal vulnerability in Pleasanter Community Edition and Enterprise Edition 1.3.39.2 and earlier versions allows a remote authenticated attacker to alter an arbitrary file on the server...

6.5CVSS6.7AI score0.01158EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:44 a.m.9 views

CVE-2023-30758

Cross-site scripting vulnerability in Pleasanter 1.3.38.1 and earlier allows a remote authenticated attacker to inject an arbitrary script...

5.4CVSS6.2AI score0.00671EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:38 a.m.7 views

CVE-2023-45210

Pleasanter 1.3.47.0 and earlier contains an improper access control vulnerability, which may allow a remote authenticated attacker to view the temporary files uploaded by other users who are not permitted to access...

4.3CVSS6.6AI score0.00516EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 2:22 a.m.6 views

CVE-2023-34439

Pleasanter 1.3.47.0 and earlier contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the user's web browser...

5.4CVSS6.1AI score0.00397EPSS
Exploits0References1
OSV
OSV
added 2023/12/06 8:40 a.m.5 views

CVE-2023-34439

Pleasanter 1.3.47.0 and earlier contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the user's web browser...

5.4CVSS6.1AI score0.00397EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/12/06 8:40 a.m.3 views

CVE-2023-45210

Pleasanter 1.3.47.0 and earlier contains an improper access control vulnerability, which may allow a remote authenticated attacker to view the temporary files uploaded by other users who are not permitted to access...

4.4AI score0.00516EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/06 12:0 a.m.3 views

Pleasanter Security Vulnerability

Pleasanter is a free OSS no-code/low-code development tool from Pleasanter, Inc. A security vulnerability exists in Pleasanter 1.3.47.0 and prior versions, which originates from a vulnerability that could allow an authenticated, remote attacker to view temporary files uploaded by a user who does...

4.3CVSS5.1AI score0.00516EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/12/06 12:0 a.m.4 views

Pleasanter Security Vulnerability

Pleasanter is a free OSS no-code/low-code development tool from Pleasanter, Inc. A security vulnerability exists in Pleasanter 1.3.47.0 and earlier versions that stems from the presence of an open redirection vulnerability. An attacker can exploit the vulnerability to redirect users to arbitrary...

6.1CVSS5.5AI score0.00526EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/06/30 2:15 a.m.8 views

CVE-2023-32608

Directory traversal vulnerability in Pleasanter Community Edition and Enterprise Edition 1.3.39.2 and earlier versions allows a remote authenticated attacker to alter an arbitrary file on the server...

6.6AI score0.01158EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/06/30 2:14 a.m.9 views

CVE-2023-32607

Stored cross-site scripting vulnerability in Pleasanter Community Edition and Enterprise Edition 1.3.39.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script...

5.8AI score0.00527EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/30 12:0 a.m.4 views

PT-2023-23908 · Unknown · Pleasanter

Name of the Vulnerable Software and Affected Versions: Pleasanter versions 1.3.39.2 and earlier Description: A directory traversal issue allows a remote authenticated attacker to alter an arbitrary file on the server. Recommendations: For versions 1.3.39.2 and earlier, update to a version later...

6.5CVSS6.3AI score0.01158EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/05/31 6:34 a.m.3 views

Pleasanter vulnerable to cross-site scripting

Overview Pleasanter provided by Implem Inc. contains a cross-site scripting vulnerability CWE-79. Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to Implem Inc. and Implem Inc. reported it to IPA. JPCERT/CC and Implem Inc. coordinated under the Information Security...

5.4CVSS6.2AI score0.00671EPSS
Exploits1References6
Rows per page
Query Builder