Lucene search
K

5 matches found

OSV
OSV
added 2025/07/26 4:16 a.m.3 views

UBUNTU-CVE-2025-8177

A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It...

7.8CVSS5.5AI score0.00271EPSS
Exploits1References6
Veracode
Veracode
added 2023/10/12 6:49 a.m.16 views

Arbitrary File Upload

concrete5/concrete5 is vulnerable to Arbitrary File Upload. The vulnerability exists due to the lack of sanitization in the Thumbnail file upload section, which allows an attacker to upload maliciously crafted PDF, SVG, or HTML files, potentially leading to Cross-Site Scripting XSS attacks...

5.4CVSS5.9AI score0.00585EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2023/10/10 12:32 p.m.12 views

GHSA-WRP2-6V6J-HFMG ConcreteCMS vulnerable to Stored Cross-site Scripting

Concrete CMS v9.2.1 is affected by Arbitrary File Upload vulnerability via the Thumbnail file upload, which allows Cross-Site Scripting XSS...

5.4CVSS5.3AI score0.00585EPSS
Exploits1References5
CVE
CVE
added 2023/10/10 12:0 a.m.110 views

CVE-2023-44763

Summary: Concrete CMS v9.2.1 is affected by an arbitrary file upload vulnerability via the Thumbnail upload, enabling Cross-Site Scripting (XSS). The issue stems from insufficient validation/sanitization of uploaded files, allowing malicious content to be stored/executed. Several connected source...

5.4CVSS5.2AI score0.00585EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2018/12/14 8:29 p.m.2 views

UBUNTU-CVE-2018-20148

In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of serialized data at phar:// URLs in the wpgetattachmentthumbfile function in wp-includes/post.php...

9.8CVSS7.3AI score0.30887EPSS
Exploits1References3
Rows per page
Query Builder