Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-30878 | 1 Rageframe | 1 Rageframe | 2025-04-11 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the upload_drive parameter. | |||||
| CVE-2024-30879 | 1 Rageframe | 1 Rageframe | 2025-04-11 | N/A | 6.1 MEDIUM |
| Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the boxId parameter in the image cropping function. | |||||
| CVE-2024-30880 | 1 Rageframe | 1 Rageframe | 2025-04-11 | N/A | 5.4 MEDIUM |
| Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the multiple parameter in the image cropping function. | |||||
| CVE-2024-30883 | 1 Rageframe | 1 Rageframe | 2025-04-11 | N/A | 4.7 MEDIUM |
| Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the aspectRatio parameter in the image cropping function. | |||||
| CVE-2022-36530 | 1 Rageframe | 1 Rageframe | 2024-11-21 | N/A | 6.1 MEDIUM |
| An issue was discovered in rageframe2 2.6.37. There is a XSS vulnerability in the user agent related parameters of the info.php page. | |||||