Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/02/21 1:31 a.m.12 views

CVE-2025-70833

An Authentication Bypass vulnerability in Smanga 3.2.7 allows an unauthenticated attacker to reset the password of any user including the administrator and fully takeover the account by manipulating POST parameters. The issue stems from insecure permission validation in check-power.php...

9.4CVSS5.6AI score0.00398EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2025/07/21 12:0 a.m.108 views

VulnCheck KEV: CVE-2024-34193

smanga 3.2.7 does not filter the file parameter at the PHP/get file flow.php interface, resulting in a path traversal vulnerability that can cause arbitrary file reading...

7.5CVSS5.8AI score0.00623EPSS
In wildExploits1References2
Vulnrichment
Vulnrichment
added 2024/05/20 5:32 p.m.13 views

CVE-2024-34193

smanga 3.2.7 does not filter the file parameter at the PHP/get file flow.php interface, resulting in a path traversal vulnerability that can cause arbitrary file reading...

7.2AI score0.00623EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/05/20 12:0 a.m.4 views

PT-2024-25731 · Smanga · Smanga

Name of the Vulnerable Software and Affected Versions: smanga version 3.2.7 Description: The issue is related to a path traversal vulnerability. It occurs because the file parameter at the "PHP/get file flow.php" interface is not properly filtered, allowing for arbitrary file reading...

7.5CVSS6.8AI score0.00623EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2023/09/01 12:0 a.m.12 views

CVE-2023-36076

SQL Injection vulnerability in smanga version 3.1.9 and earlier, allows remote attackers to execute arbitrary code and gain sensitive information via mediaId, mangaId, and userId parameters in php/history/add.php...

8.6AI score0.02364EPSS
Exploits1References1
Rows per page
Query Builder