Lucene search
K

24 matches found

OSV
OSV
added 4 days ago2 views

CVE-2026-55466 Snipe-IT: Stored XSS via inline-served attachment

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, UploadFileRequest sanitizes SVG content only when PHP finfo reports image/svg+xml and UploadedFilesController serves attachments inline without using StorageHelper::allowSafeInline, allowing a low-privilege user to upload active...

6.2CVSS6.1AI score0.00351EPSS
Exploits1References5
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-59149 Mockoon: Path traversal in templated `filePath` lets a request escape the served directory (prefix-only base check)

Mockoon provides way to design and run mock APIs. Prior to 9.7.0, a FILE response whose filePath embeds request data is confined by getSafeFilePath in packages/commons-server/src/libs/server/server.ts with resolvedPath.startsWithstaticBaseDir. That prefix test has no path-separator boundary, so a...

6.5CVSS0.0033EPSS
Exploits0References5
CVE
CVE
added 5 days ago9 views

CVE-2026-59149

Mockoon before version 9.7.0 is affected by a path-traversal in the templated filePath. The vulnerability arises because getSafeFilePath checks resolvedPath.startsWith(staticBaseDir) without a path-separator boundary, allowing an unauthenticated client to craft a ../-escaped path that prefixes th...

6.5CVSS5.9AI score0.0033EPSS
Exploits0References5
OSV
OSV
added last week6 views

CVE-2026-59153 Anki's local HTTP server does not sufficiently validate requests

Anki is a program for creating and reviewing flashcards. Prior to 25.09.3, Anki launches a local HTTP server to serve media files and web pages for parts of its interface, but requests from other origins were not sufficiently blocked. A malicious website could potentially trigger side-effecting...

2.1CVSS6AI score0.00181EPSS
Exploits0References6
NVD
NVD
added 2026/06/08 12:16 p.m.15 views

CVE-2026-11569

A flaw was found in Quay. The filedrop endpoint accepts any mime type without validation, allowing an authenticated user with repository write access to upload a malicious SVG file containing JavaScript. The file is stored and served inline through the CDN, enabling stored cross-site scripting wh...

5.4CVSS0.00138EPSS
Exploits0References2
OSV
OSV
added 2025/12/29 10:15 a.m.6 views

CVE-2025-15182

A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown function of the file /home/served.php. Executing manipulation of the argument refNo can lead to sql injection. The attack can be executed remotely. The exploit has been made available to th...

9.8CVSS5.8AI score0.00322EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/12/29 9:32 a.m.4 views

CVE-2025-15182 code-projects Refugee Food Management System served.php sql injection

A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown function of the file /home/served.php. Executing manipulation of the argument refNo can lead to sql injection. The attack can be executed remotely. The exploit has been made available to th...

7.5CVSS6.7AI score0.00322EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/29 9:32 a.m.33 views

CVE-2025-15182 code-projects Refugee Food Management System served.php sql injection

A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown function of the file /home/served.php. Executing manipulation of the argument refNo can lead to sql injection. The attack can be executed remotely. The exploit has been made available to th...

7.5CVSS0.00322EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/29 9:32 a.m.5 views

EUVD-2025-205569

A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown function of the file /home/served.php. Executing manipulation of the argument refNo can lead to sql injection. The attack can be executed remotely. The exploit has been made available to th...

7.5CVSS6.5AI score0.00322EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/29 12:0 a.m.4 views

Code-Projects Refugee Food Management System SQL注入漏洞

Code-Projects Refugee Food Management System is an open source refugee food management system from Code-Projects. A SQL injection vulnerability exists in Code-Projects Refugee Food Management System version 1.0, which stems from incorrect manipulation of the parameter refNo in the file...

9.8CVSS7.8AI score0.00322EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/12/29 12:0 a.m.7 views

PT-2025-53709

Name of the Vulnerable Software and Affected Versions Refugee Food Management System version 1.0 Description A flaw exists in Refugee Food Management System 1.0 that allows for SQL injection. This occurs through manipulation of the refNo argument in a remote request to the /home/served.php file...

9.8CVSS6.9AI score0.00322EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2025/11/10 2:0 a.m.5 views

thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This...

6.1CVSS6.2AI score0.00256EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/07/01 12:0 a.m.6 views

Apache HTTP Server 安全漏洞

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A security vulnerability exists in Apache HTTP Server that can be exploited by an attacker to map URLs to file system locations th...

9.1CVSS6.7AI score0.99957EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/06/08 8:27 p.m.25 views

CVE-2023-29401 Improper handling of filenames in Content-Disposition HTTP header in github.com/gin-gonic/gin

The filename parameter of the Context.FileAttachment function is not properly sanitized. A maliciously crafted filename can cause the Content-Disposition header to be sent with an unexpected filename value or otherwise modify the Content-Disposition header. For example, a filename of...

4.7AI score0.00482EPSS
Exploits2References4
Hacker One
Hacker One
added 2022/09/14 7:13 p.m.102 views

Shopify: Shop App - Attacker is able to intercept authorization code during authentication (OAuth) and is able to get access to Microsoft Outlook email account

A vulnerability was discovered in the Shop App's Microsoft Outlook OAuth flow, where a malicious app could intercept the authorization code during authentication due to the use of deep links. This could allow an attacker to gain access to the victim's emails. The issue was mitigated by implementi...

7.5AI score
Exploits0
OSV
OSV
added 2021/11/09 5:15 p.m.3 views

UBUNTU-CVE-2021-43173

In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive. This can be used to effectively stall validation. While Routinator has a configurable time-out value for RRDP...

7.5CVSS7.1AI score0.01434EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2020/02/25 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2020-1141)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.05415EPSS
Exploits0References2
NVD
NVD
added 2019/10/31 3:15 p.m.24 views

CVE-2018-21030

Jupyter Notebook before 5.5.0 does not use a CSP header to treat served files as belonging to a separate origin. Thus, for example, an XSS payload can be placed in an SVG document...

5.3CVSS5.7AI score0.01443EPSS
Exploits0References3
OSV
OSV
added 2019/10/09 4:15 p.m.3 views

ALPINE-CVE-2019-6467

A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAI...

7.5CVSS6.7AI score0.05415EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2019/10/09 2:17 p.m.50 views

CVE-2019-6467

A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAI...

7.5CVSS6.5AI score0.05415EPSS
Exploits0
Rows per page
Query Builder