PT-2025-53686

Name of the Vulnerable Software and Affected Versions SmarterTools SmarterMail versions prior to Build 9413 Description A critical vulnerability exists in SmarterTools SmarterMail that allows unauthenticated attackers to upload arbitrary files to any location on the mail server, potentially...

VulnCheck KEV: CVE-2025-4632

Samsung MagicINFO 9 Server contains a path traversal vulnerability that allows an attacker to write arbitrary file as system authority...

TYPO3 Denial of Service in Online Media Asset Handling

Online Media Asset Handling .youtube and .vimeo files in the TYPO3 backend is vulnerable to denial of service. Putting large files with according file extensions results in high consumption of system resources. This can lead to exceeding limits of the current PHP process which results in a...

TYPO3 Cross-Site Scripting in Online Media Asset Rendering

Failing to properly encode user input, online media asset rendering .youtube and .vimeo files is vulnerable to cross-site scripting. A valid backend user account or write access on the server system e.g. SFTP is needed in order to exploit this vulnerability...

TYPO3 Cross-Site Scripting in Online Media Asset Rendering

Failing to properly encode user input, online media asset rendering .youtube and .vimeo files is vulnerable to cross-site scripting. A valid backend user account or write access on the server system e.g. SFTP is needed in order to exploit this vulnerability...

PT-2024-40019 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 affected versions not specified Description: The issue concerns the handling of online media assets, specifically .youtube and .vimeo files, in the TYPO3 backend. It is vulnerable to a denial of service, which occurs when large files wi...

CVE-2023-46808

An file upload vulnerability in Ivanti ITSM before 2023.4, allows an authenticated remote user to perform file writes to the server. Successful exploitation may lead to execution of commands in the context of non-root user...