CVE-2024-8941
Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat/nmeditphpedit.php in the “subpage” parameter, which allows unauthenticated remote users to bypass SecurityManager's intended restrictions and list and/or read a parent directory via a “/...” or directly into a...
Scriptcase Code Issue Vulnerability
Scriptcase is a low-code platform for rapid application development from Scriptcase, Inc. A code issue vulnerability exists in Scriptcase version 9.4.019 that stems from improper input validation and could allow an attacker to upload malicious files to the server...
CVE-2024-8940 Unrestricted Upload of File with Dangerous Type vulnerability on Scriptcase
Vulnerability in the Scriptcase application version 9.4.019, which involves the arbitrary upload of a file via /scriptcase/devel/lib/third/jqueryplugin/jQuery-File-Upload/server/php/ via a POST request. An attacker could upload malicious files to the server due to the application not properly...
PT-2024-39326 · Unknown · Scriptcase
Name of the Vulnerable Software and Affected Versions: Scriptcase version 9.4.019 Description: A path traversal issue exists in Scriptcase, allowing unauthenticated remote users to bypass intended restrictions and list or read a parent directory. This is achieved via the "subpage" parameter in th...
PT-2024-39327 · Unknown · Scriptcase
Name of the Vulnerable Software and Affected Versions: Scriptcase version 9.4.019 Description: The issue is a Cross-Site Scripting (XSS) due to the lack of input validation, affecting the id form msg title parameter, among others. This could allow a remote user to send a specially crafted URL to a...