7020 matches found
EUVD-2025-200085
Frappe is a full-stack web application framework. Prior to 15.86.0 and 14.99.2, certain requests were vulnerable to path traversal attacks, wherein some files from the server could be retrieved if the full path was known. Sites hosted on Frappe Cloud, and even other setups that are behind a rever...
CVE-2025-66206 Frappe vulnerable to a path traversal allowing reading certain files
Frappe is a full-stack web application framework. Prior to 15.86.0 and 14.99.2, certain requests were vulnerable to path traversal attacks, wherein some files from the server could be retrieved if the full path was known. Sites hosted on Frappe Cloud, and even other setups that are behind a rever...
CVE-2025-66206 Frappe vulnerable to a path traversal allowing reading certain files
Frappe is a full-stack web application framework. Prior to 15.86.0 and 14.99.2, certain requests were vulnerable to path traversal attacks, wherein some files from the server could be retrieved if the full path was known. Sites hosted on Frappe Cloud, and even other setups that are behind a rever...
CVE-2025-66206
CVE-2025-66206 affects Frappe, a full-stack web application framework. Prior to versions 15.86.0 and 14.99.2 , certain requests were vulnerable to path traversal, enabling retrieval of server files if the full path was known. The issue mainly impacts installations directly using werkzeug/gunicorn...
Linux Command Shell, Reverse TCP Inline
Connect back to attacker and spawn a command shell. Module Options msf use payload/linux/riscv64le/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp show options ...show and set options... msf...
Linux Command Shell, Reverse TCP Inline
Connect back to attacker and spawn a command shell. Module Options msf use payload/linux/riscv32le/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp show options ...show and set options... msf...
GHSA-W756-RF26-7RMR FeehiCMS is vulnerable to reverse tabnabbing
Reverse Tabnabbing vulnerability in FeehiCMS 2.1.1 in the Comments Management function...
EUVD-2025-200002
Reverse Tabnabbing vulnerability in FeehiCMS 2.1.1 in the Comments Management function...
FeehiCMS is vulnerable to reverse tabnabbing
Reverse Tabnabbing vulnerability in FeehiCMS 2.1.1 in the Comments Management function...
CVE-2025-63522
Reverse Tabnabbing vulnerability in FeehiCMS 2.1.1 in the Comments Management function...
CVE-2025-63522
Reverse Tabnabbing vulnerability in FeehiCMS 2.1.1 in the Comments Management function...
CVE-2025-63522
Reverse Tabnabbing vulnerability in FeehiCMS 2.1.1 in the Comments Management function...
PT-2025-48550
Name of the Vulnerable Software and Affected Versions Frappe versions prior to 15.86.0 Frappe versions prior to 14.99.2 Description Frappe, a full-stack web application framework, had requests vulnerable to path traversal attacks in versions prior to 15.86.0 and 14.99.2. This allowed retrieval of...
FeehiCMS 安全漏洞
FeehiCMS is a Php-based CMS website builder by Liufee Personal Developer. A security vulnerability exists in FeehiCMS version 2.1.1, which originates from a reverse tag hijacking issue in the Comments Management function...
PT-2025-48453
Reverse Tabnabbing vulnerability in FeehiCMS 2.1.1 in the Comments Management function...
CVE-2025-63522
FeehiCMS 2.1.1 is affected in the Comments Management function by a Reverse Tabnabbing issue. Attacker-controlled or manipulated link behavior in target="_blank" could enable phishing or session-hijacking-type effects as described in connected sources. The vulnerability is rated CVSS v3.1 base sc...
CVE-2025-63522
Reverse Tabnabbing vulnerability in FeehiCMS 2.1.1 in the Comments Management function...
Reverse Engineering and Control-Aware Security Analysis of the ArduPilot UAV Framework
Unmanned Aerial Vehicle UAV technologies are gaining high interest for many domains, which makes UAV security of utmost importance. ArduPilot is among the most widely used open-source autopilot UAV frameworks; yet, many studies demonstrate the vulnerabilities affecting such systems. Vulnerabiliti...
EUVD-2025-198795
Malicious code in @ensdomains/reverse-records npm...
MAL-2025-190736 Malicious code in @ensdomains/reverse-records (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5e16814335619e8655b02ca0583e019d232eb4f008db3e99d25f3ad1eb3d18c The package @ensdomains/reverse-records was found to contain malicious code. Source: ghsa-malware...