Lucene search
K

14 matches found

EUVD
EUVD
added 2 days ago5 views

EUVD-2026-39512

K3s: ZIP Archive Path Traversal Vulnerability in etcd Snapshot Decompression...

5.8CVSS6.1AI score0.00122EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:40 p.m.8 views

CVE-2025-40903

A Stored HTML Injection vulnerability was discovered in the Schedule Restore Archive functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can define a malicious restore schedule containing HTML tags. When a victim views the affected...

5.9CVSS5.5AI score0.00194EPSS
Exploits0References1
NVD
NVD
added 2026/05/19 2:16 p.m.16 views

CVE-2025-40903

A Stored HTML Injection vulnerability was discovered in the Schedule Restore Archive functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can define a malicious restore schedule containing HTML tags. When a victim views the affected...

5.9CVSS0.00194EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/19 1:22 p.m.14 views

CVE-2025-40903 HTML injection in Schedule Restore Archive in Guardian/CMC before 26.1.0

A Stored HTML Injection vulnerability was discovered in the Schedule Restore Archive functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can define a malicious restore schedule containing HTML tags. When a victim views the affected...

5.9CVSS5.8AI score0.00194EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/19 1:22 p.m.10 views

EUVD-2025-209896

A Stored HTML Injection vulnerability was discovered in the Schedule Restore Archive functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can define a malicious restore schedule containing HTML tags. When a victim views the affected...

5.9CVSS5.8AI score0.00194EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/19 1:22 p.m.6 views

CVE-2025-40903

A Stored HTML Injection vulnerability was discovered in the Schedule Restore Archive functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can define a malicious restore schedule containing HTML tags. When a victim views the affected...

5.9CVSS5.8AI score0.00194EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/19 1:22 p.m.40 views

CVE-2025-40903 HTML injection in Schedule Restore Archive in Guardian/CMC before 26.1.0

A Stored HTML Injection vulnerability was discovered in the Schedule Restore Archive functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can define a malicious restore schedule containing HTML tags. When a victim views the affected...

5.9CVSS0.00194EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 1:22 p.m.27 views

CVE-2025-40903

Summary (technical details from sources): CVE-2025-40903 affects Guardian/CMC prior to version 26.1.0, in the Schedule Restore Archive function. A stored HTML injection flaw arises from improper validation of an input parameter in a restore schedule defined by an authenticated administrator. When...

5.9CVSS5.8AI score0.00194EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.14 views

PT-2026-41890

A Stored HTML Injection vulnerability was discovered in the Schedule Restore Archive functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can define a malicious restore schedule containing HTML tags. When a victim views the affected...

5.9CVSS5.8AI score0.00194EPSS
Exploits0References2
NOZOMI
NOZOMI
added 2026/05/19 12:0 a.m.23 views

HTML injection in Schedule Restore Archive in Guardian/CMC before 26.1.0

Summary A Stored HTML Injection vulnerability was discovered in the Schedule Restore Archive functionality due to improper validation of an input parameter. Impact An authenticated user with administrative privileges can define a malicious restore schedule containing HTML tags. When a victim view...

5.9CVSS5.8AI score0.00194EPSS
Exploits0Affected Software2
ATTACKERKB
ATTACKERKB
added 2022/03/01 11:15 p.m.6 views

CVE-2022-24254

An unrestricted file upload vulnerability in the Backup/Restore Archive component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted ZIP file...

8.8CVSS7.7AI score0.02415EPSS
Exploits1References5
OSV
OSV
added 2022/03/01 11:15 p.m.5 views

CVE-2022-24254

An unrestricted file upload vulnerability in the Backup/Restore Archive component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted ZIP file...

8.8CVSS7.6AI score0.02415EPSS
Exploits1References4
NVD
NVD
added 2022/03/01 11:15 p.m.19 views

CVE-2022-24254

An unrestricted file upload vulnerability in the Backup/Restore Archive component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted ZIP file...

8.8CVSS0.02415EPSS
Exploits1References2
OSV
OSV
added 2022/02/04 5:15 p.m.5 views

CVE-2022-24262

The config restore function of Voipmonitor GUI before v24.96 does not properly check files sent as restore archives, allowing remote attackers to execute arbitrary commands via a crafted file in the web root...

8.8CVSS6AI score0.01825EPSS
Exploits1References2
Rows per page
Query Builder