16 matches found
EUVD-2024-23109
Malicious code in bioql PyPI...
CVE-2024-25802
SKINsoft S-Museum 7.02.3 allows Unrestricted File Upload via the Add Media function. Unlike in CVE-2024-25801, the attack payload is the file content...
CVE-2024-25801
SKINsoft S-Museum 7.02.3 allows XSS via the filename of an uploaded file. Unlike in CVE-2024-25802, the attack payload is in the name not the content of a file...
CVE-2024-25802
SKINsoft S-Museum 7.02.3 allows Unrestricted File Upload via the Add Media function. Unlike in CVE-2024-25801, the attack payload is the file content...
CVE-2024-25802
SKINsoft S-Museum 7.02.3 allows Unrestricted File Upload via the Add Media function. Unlike in CVE-2024-25801, the attack payload is the file content...
Unrestricted file upload
SKINsoft S-Museum 7.02.3 allows Unrestricted File Upload via the Add Media function. Unlike in CVE-2024-25801, the attack payload is the file content...
CVE-2024-25801
SKINsoft S-Museum 7.02.3 allows XSS via the filename of an uploaded file. Unlike in CVE-2024-25802, the attack payload is in the name not the content of a file...
CVE-2024-25801
SKINsoft S-Museum 7.02.3 allows XSS via the filename of an uploaded file. Unlike in CVE-2024-25802, the attack payload is in the name not the content of a file...
Design/Logic Flaw
SKINsoft S-Museum 7.02.3 allows XSS via the filename of an uploaded file. Unlike in CVE-2024-25802, the attack payload is in the name not the content of a file...
CVE-2024-25802
SKINsoft S-Museum 7.02.3 allows Unrestricted File Upload via the Add Media function. Unlike in CVE-2024-25801, the attack payload is the file content...
CVE-2024-25802
SKINsoft S-Museum 7.02.3 allows Unrestricted File Upload via the Add Media function. Unlike in CVE-2024-25801, the attack payload is the file content...
CVE-2024-25802
Affected software: SKINsoft S-Museum 7.02.3. Vulnerability: Unrestricted file upload via the Add Media function. The attack payload, in this case, is the file content (not the filename). Root cause / nature: Arbitrary file upload capability exists in the Add Media workflow. Impact (as stated): Hi...
CVE-2024-25801
SKINsoft S-Museum 7.02.3 allows XSS via the filename of an uploaded file. Unlike in CVE-2024-25802, the attack payload is in the name not the content of a file...
SKINsoft S-Museum Security Vulnerability
SKINsoft S-Museum is a web-based system from the French company SKINsoft. It is suitable for museums of all sizes and types. A security vulnerability exists in SKINsoft S-Museum version 7.02.3, which originates from a cross-site scripting XSS attack that allows an attacker to conduct a cross-site...
CVE-2024-25801
SKINsoft S-Museum 7.02.3 allows XSS via the filename of an uploaded file. Unlike in CVE-2024-25802, the attack payload is in the name not the content of a file...
CVE-2024-25801
SKINsoft S-Museum 7.02.3 is affected by CVE-2024-25801: an XSS vulnerability where the attack payload is delivered in the filename of an uploaded file (not its content). Product: SKINsoft S-Museum; Vulnerable component: filename handling during upload via Add Media. Impact: stored/ reflected XSS ...