Lucene search
K

10 matches found

CNNVD
CNNVD
added 2026/01/05 12:0 a.m.4 views

Ubiquiti UCRM Argentina AFIP invoices Plugin 安全漏洞

Ubiquiti UCRM Argentina AFIP invoices Plugin is an extension plugin from Ubiquiti USA. A security vulnerability exists in Ubiquiti UCRM Argentina AFIP invoices Plugin version 1.2.0 and earlier, which stems from the presence of cross-site scripting that could lead to elevation of privilege...

9.6CVSS6AI score0.00215EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-1256

Malware in sbrugna...

4.7CVSS4.9AI score0.00296EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-1255

Malware in sbrugna...

5.4CVSS5.6AI score0.00543EPSS
Exploits0References2
OSV
OSV
added 2018/07/03 9:29 p.m.4 views

CVE-2017-0912

Ubiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored Cross-site Scripting. Due to the lack sanitization, it is possible to inject arbitrary HTML code by manipulating the uploaded filename. Successful exploitation requires valid credentials to an account with "Edit" access to "Scheduling...

5.4CVSS5.9AI score0.00543EPSS
Exploits0References1
NVD
NVD
added 2018/07/03 9:29 p.m.22 views

CVE-2017-0912

Ubiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored Cross-site Scripting. Due to the lack sanitization, it is possible to inject arbitrary HTML code by manipulating the uploaded filename. Successful exploitation requires valid credentials to an account with "Edit" access to "Scheduling...

5.4CVSS5.5AI score0.00543EPSS
Exploits0References1
Prion
Prion
added 2018/07/03 9:29 p.m.17 views

Default credentials

Ubiquiti UCRM versions 2.3.0 to 2.7.7 allow an authenticated user to read arbitrary files in the local file system. Note that by default, the local file system is isolated in a docker container. Successful exploitation requires valid credentials to an account with "Edit" access to "System...

1.9CVSS4.7AI score0.00296EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/07/03 9:29 p.m.20 views

Cross site scripting

Ubiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored Cross-site Scripting. Due to the lack sanitization, it is possible to inject arbitrary HTML code by manipulating the uploaded filename. Successful exploitation requires valid credentials to an account with "Edit" access to "Scheduling...

3.5CVSS5.6AI score0.00543EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/07/03 9:29 p.m.20 views

CVE-2017-0913

Ubiquiti UCRM versions 2.3.0 to 2.7.7 allow an authenticated user to read arbitrary files in the local file system. Note that by default, the local file system is isolated in a docker container. Successful exploitation requires valid credentials to an account with "Edit" access to "System...

4.7CVSS4.6AI score0.00296EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/07/03 9:0 p.m.27 views

CVE-2017-0912

Ubiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored Cross-site Scripting. Due to the lack sanitization, it is possible to inject arbitrary HTML code by manipulating the uploaded filename. Successful exploitation requires valid credentials to an account with "Edit" access to "Scheduling...

5.6AI score0.00543EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/07/03 9:0 p.m.28 views

CVE-2017-0913

Ubiquiti UCRM versions 2.3.0 to 2.7.7 allow an authenticated user to read arbitrary files in the local file system. Note that by default, the local file system is isolated in a docker container. Successful exploitation requires valid credentials to an account with "Edit" access to "System...

4.6AI score0.00296EPSS
Exploits0References2
Rows per page
Query Builder