5 matches found
SUSE CVE-2025-3033
After selecting a malicious Windows .url shortcut from the local filesystem, an unexpected file could be uploaded. This bug only affects Firefox on Windows. Other operating systems are unaffected.. This vulnerability was fixed in Firefox 137 and Thunderbird 137...
BIT-JOOMLA-2021-23132 [20210306] - Core - com_media allowed paths that are not intended for image uploads
An issue was discovered in Joomla! 3.0.0 through 3.9.24. commedia allowed paths that are not intended for image uploads...
GHSA-QWV2-2X8G-G43G Gem in a Box vulnerable to Cross-site Request Forgery
geminabox aka Gem in a Box before 0.13.7 has CSRF, as demonstrated by an unintended gem upload...
Gem in a Box vulnerable to Cross-site Request Forgery
geminabox aka Gem in a Box before 0.13.7 has CSRF, as demonstrated by an unintended gem upload...
Gem in a Box vulnerable to Cross-site Request Forgery
geminabox aka Gem in a Box before 0.13.7 has CSRF, as demonstrated by an unintended gem upload...