Lucene search
+L

26 matches found

CVE
CVE
added 2025/11/06 9:7 p.m.17 views

CVE-2025-64327

CVE-2025-64327 affects ThinkDashboard (Go + JavaScript) and is caused by a blind SSRF in the /api/ping?url= endpoint in versions 0.6.7 and earlier. An attacker can cause the application to perform arbitrary requests to internal or external hosts, potentially revealing local network topology and o...

5.3CVSS6.3AI score0.00322EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.11 views

PT-2025-45378

Name of the Vulnerable Software and Affected Versions ThinkDashboard versions 0.6.7 and below Description ThinkDashboard, a self-hosted bookmark dashboard built with Go and vanilla JavaScript, has an issue where an attacker can upload arbitrary files to the '/data' directory of the web applicatio...

5.3CVSS5.8AI score0.00256EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.8 views

PT-2025-45385

Name of the Vulnerable Software and Affected Versions ThinkDashboard versions prior to 0.6.8 Description ThinkDashboard is a self-hosted bookmark dashboard built with Go and vanilla JavaScript. A stored Cross-Site Scripting XSS issue exists in the dashboard for versions 0.6.7 and below due to a...

5.4CVSS5.7AI score0.00226EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.5 views

ThinkDashboard 安全漏洞

ThinkDashboard is a lightweight, self-hosted bookmarking dashboard by the individual developer MatiasDesu. A security vulnerability exists in ThinkDashboard version 0.6.7 and earlier, which stems from a server-side request forgery vulnerability in the /api/ping?url= endpoint that could lead an...

5.3CVSS6.8AI score0.00322EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.7 views

ThinkDashboard 代码问题漏洞

ThinkDashboard is a lightweight, self-hosted bookmarking dashboard by the individual developer MatiasDesu. A code issue vulnerability exists in ThinkDashboard version 0.6.7 and earlier, which stems from the backup import feature not properly validating file types, which could lead to a stored...

6.1CVSS6.1AI score0.00256EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.7 views

ThinkDashboard 跨站脚本漏洞

ThinkDashboard is a lightweight, self-hosted bookmarking dashboard. A cross-site scripting vulnerability exists in ThinkDashboard version 0.6.7 and earlier, which stems from a lack of schema filtering and can be exploited by an attacker to cause a stored cross-site scripting attack...

6.1CVSS5.8AI score0.00226EPSS
Exploits1References2
Rows per page
Query Builder