Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-14736

A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file userauthcommit.php. Performing a manipulation of the argument uploadimage results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS6.6AI score0.00452EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/03/31 11:53 p.m.14 views

OpenClaw: Feishu extension resolveUploadInput bypasses file-system sandbox and allows arbitrary file reads via upload_image

Summary Feishu upload path resolution could read files outside the configured localRoots sandbox before handing them to the upload path. Impact A tool caller constrained to workspace or localRoots paths could exfiltrate arbitrary host files through Feishu upload actions. Affected Component...

6.5CVSS6AI score0.00339EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2015/02/26 3:59 p.m.2 views

CVE-2015-2089

Multiple cross-site request forgery CSRF vulnerabilities in the CrossSlide jQuery crossslide-jquery-plugin-for-wordpress plugin 2.0.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change plugin settings or conduct cross-site scripting XSS...

6.8CVSS5.2AI score0.01007EPSS
Exploits1References3
Prion
Prion
added 2015/02/26 3:59 p.m.16 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the CrossSlide jQuery crossslide-jquery-plugin-for-wordpress plugin 2.0.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change plugin settings or conduct cross-site scripting XSS...

6.8CVSS7AI score0.01007EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder