Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-49128

Malicious code in bioql PyPI...

5.4CVSS4.5AI score0.00406EPSS
Exploits1References3
OSV
OSV
added 2025/01/05 2:31 p.m.10 views

CVE-2024-13141 osuuu LightPicture SVG File Upload upload cross site scripting

A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. This vulnerability affects unknown code of the file /api/upload of the component SVG File Upload Handler. The manipulation of the argument file leads to cross site scripting. The attack can be initiated remotel...

5.3CVSS3.9AI score0.00386EPSS
Exploits1References6
NVD
NVD
added 2024/09/01 10:15 p.m.38 views

CVE-2024-8370

A vulnerability classified as problematic was found in Grocy up to 4.2.0. This vulnerability affects unknown code of the file /api/files/recipepictures/ of the component SVG File Upload Handler. The manipulation of the argument forceserveas with the input picture' leads to cross site scripting. T...

5.4CVSS0.00406EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2024/09/01 10:15 p.m.25 views

CVE-2024-8370

A vulnerability classified as problematic was found in Grocy up to 4.2.0. This vulnerability affects unknown code of the file /api/files/recipepictures/ of the component SVG File Upload Handler. The manipulation of the argument forceserveas with the input picture' leads to cross site scripting. T...

5.4CVSS7AI score0.00406EPSS
Exploits1References3
CVE
CVE
added 2024/09/01 10:0 p.m.84 views

CVE-2024-8370

CVE-2024-8370 affects Grocy up to 4.2.0, targeting the SVG File Upload Handler. The vulnerability exists in unknown code path under /api/files/recipepictures/ where manipulating the argument force_serve_as with a crafted image leads to stored cross-site scripting. Exploitation is remotely possibl...

5.4CVSS4AI score0.00406EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder