9 matches found
CVE-2026-20163 Remote Command Execution (RCE) through the '/splunkd/__upload/indexing/preview' REST endpoint in Splunk Enterprise
In Splunk Enterprise versions below 10.2.0, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.5, 10.0.2503.12, 10.1.2507.16, and 9.3.2411.124, a user who holds a role that contains the high-privilege capability editcmd could execute arbitrary shell commands using the...
CVE-2020-25267
An XSS issue exists in the question-pool file-upload preview feature in ILIAS 6.4...
CVE-2023-5547
The course upload preview contained an XSS risk for users uploading unsafe data...
CVE-2023-5547
The course upload preview contained an XSS risk for users uploading unsafe data...
UBUNTU-CVE-2023-5547
The course upload preview contained an XSS risk for users uploading unsafe data...
PT-2023-8911 · Moodle +1 · Moodle +1
Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: The issue is related to an XSS risk in the course upload preview, which can be exploited when users upload unsafe data. This can allow a remote attacker to perform cross-site scripting...
Moodle < 3.9.24, 3.11.x < 3.11.17, 4.0.x < 4.0.11, 4.1.x < 4.1.6, 4.2.x < 4.2.3 Multiple Vulnerabilities
Moodle is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:moodle:moodle"; ifdescription...
file-upload-with-preview 跨站脚本漏洞
file-upload-with-preview is a simple file upload utility that displays a preview of an uploaded image. Written in pure JavaScript. No dependencies. Works with Bootstrap 4 or without frameworks. A cross-site scripting vulnerability exists in file-upload-with-preview, which can be exploited to uplo...
ILIAS Cross-Site Scripting Vulnerability (CNVD-2020-62481)
ILIAS is a powerful open source learning management system for developing and implementing web-based e-learning. A cross-site scripting vulnerability exists in the problematic library file upload preview feature in ILIAS 6.4. No detailed vulnerability details are provided at this time...