23 matches found
EUVD-2021-31485
Malicious code in bioql PyPI...
EUVD-2021-31482
Malicious code in bioql PyPI...
EUVD-2021-31483
Malicious code in bioql PyPI...
Xerte path traversal vulnerability
Xerte is an open source software from The Xerte Project community in the UK. Used to create learning objects. Xerte has a security vulnerability that stems from a directory traversal vulnerability in the Xerte Project Xerte to 3.10.3 when downloading project files via download.php. No details of...
Xerte Cross-Site Scripting Vulnerability
Xerte is an open source software from The Xerte Project community in the UK. Used to create learning objects. Xerte has a security vulnerability that stems from a site scripting XSS vulnerability in The Xerte Project via the link parameter in print.php. No details of the vulnerability are current...
CVE-2021-44665
A Directory Traversal vulnerability exists in the Xerte Project Xerte through 3.10.3 when downloading a project file via download.php...
CVE-2021-44665
A Directory Traversal vulnerability exists in the Xerte Project Xerte through 3.10.3 when downloading a project file via download.php...
Directory traversal
A Directory Traversal vulnerability exists in the Xerte Project Xerte through 3.10.3 when downloading a project file via download.php...
CVE-2021-44665
A Directory Traversal vulnerability exists in the Xerte Project Xerte through 3.10.3 when downloading a project file via download.php...
CVE-2021-44665
Summary (CVE-2021-44665): A directory traversal vulnerability exists in the Xerte Project Xerte up to version 3.10.3 when downloading a project file via download.php (as described in the CVE entry and corroborated by multiple sources). Public material shows an authenticated path traversal PoC usi...
CVE-2021-44663
A Remote Code Execution RCE vulnerability exists in the Xerte Project Xerte through 3.8.4 via a crafted php file through elfinder in connetor.php...
CVE-2021-44662
A Site Scripting XSS vulnerability exists in the Xerte Project Xerte through 3.8.4 via the link parameter in print.php...
CVE-2021-44663
A Remote Code Execution RCE vulnerability exists in the Xerte Project Xerte through 3.8.4 via a crafted php file through elfinder in connetor.php...
Remote code execution
A Remote Code Execution RCE vulnerability exists in the Xerte Project Xerte through 3.8.4 via a crafted php file through elfinder in connetor.php...
Cross site scripting
A Site Scripting XSS vulnerability exists in the Xerte Project Xerte through 3.8.4 via the link parameter in print.php...
CVE-2021-44663
A Remote Code Execution RCE vulnerability exists in the Xerte Project Xerte through 3.8.4 via a crafted php file through elfinder in connetor.php...
CVE-2021-44663
The CVE-2021-44663 vulnerability affects Xerte Project (Xerte) up to version 3.8.4, where remote code execution can be triggered via a crafted PHP file uploaded through elfinder in connector.php. The underlying issue enables network-exposed RCE with high impact (as indicated by CVSS scores in the...
CVE-2021-44662
A Site Scripting XSS vulnerability exists in the Xerte Project Xerte through 3.8.4 via the link parameter in print.php...
CVE-2021-44662
CVE-2021-44662 describes a reflected Site Scripting (XSS) vulnerability in the Xerte Project when using the link parameter in print.php, affecting Xerte up to version 3.8.4. The core issue is a client-side/XSS flaw exploited through a crafted link parameter, with network-based exposure and user i...
Xerte 代码问题漏洞
Xerte is an open source software from The Xerte Project community in the UK. Xerte is vulnerable to a code issue where a maliciously crafted php file can be uploaded via a project interface disguised as a language file to bypass upload filters. An attacker could exploit the vulnerability to...