EUVD-2025-199632

UnForm Server versions 10.1.15 contain an unauthenticated arbitrary file read and SMB coercion vulnerability in the Doc Flow feature’s 'arc' endpoint. The Doc Flow module uses the 'arc' handler to retrieve and render pages or resources specified by the user-supplied 'pp' parameter, but it does so...

PT-2025-48076

Name of the Vulnerable Software and Affected Versions UnForm Server versions prior to 10.1.15 Description UnForm Server versions prior to 10.1.15 have an unauthenticated arbitrary file read and SMB coercion issue in the Doc Flow feature’s arc endpoint. The Doc Flow module uses the arc handler to...

CVE-2024-11054

A vulnerability classified as critical was found in SourceCodester Simple Music Cloud Community System 1.0. This vulnerability affects unknown code of the file /music/ajax.php?action=signup. The manipulation of the argument pp leads to unrestricted upload. The attack can be initiated remotely. Th...

Nagios Log Server 跨站脚本漏洞

Nagios Log Server is a suite of centralized log management, monitoring, and analysis software from Nagios, Inc. A cross-site scripting vulnerability exists in Nagios Log Server versions prior to 2.1.9. The vulnerability stems from Nagios Log Server including XSS in the customized column views of...