Filtered by vendor Ss-proj
Subscribe
Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-46898 | 1 Ss-proj | 1 Shirasagi | 2024-10-17 | N/A | 7.5 HIGH |
SHIRASAGI prior to v1.19.1 processes URLs in HTTP requests improperly, resulting in a path traversal vulnerability. If this vulnerability is exploited, arbitrary files on the server may be retrieved when processing crafted HTTP requests. | |||||
CVE-2023-22425 | 1 Ss-proj | 1 Shirasagi | 2024-02-04 | N/A | 5.4 MEDIUM |
Stored cross-site scripting vulnerability in Schedule function of SHIRASAGI v1.16.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script. | |||||
CVE-2023-22427 | 1 Ss-proj | 1 Shirasagi | 2024-02-04 | N/A | 4.8 MEDIUM |
Stored cross-site scripting vulnerability in Theme switching function of SHIRASAGI v1.16.2 and earlier versions allows a remote attacker with an administrative privilege to inject an arbitrary script. | |||||
CVE-2022-29485 | 1 Ss-proj | 1 Shirasagi | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting vulnerability in SHIRASAGI v1.0.0 to v1.14.2, and v1.15.0 allows a remote attacker to inject an arbitrary script via unspecified vectors. | |||||
CVE-2020-5607 | 1 Ss-proj | 1 Shirasagi | 2024-02-04 | 5.8 MEDIUM | 6.1 MEDIUM |
Open redirect vulnerability in SHIRASAGI v1.13.1 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||||
CVE-2019-6009 | 1 Ss-proj | 1 Shirasagi | 2024-02-04 | 5.8 MEDIUM | 6.1 MEDIUM |
Open redirect vulnerability in SHIRASAGI v1.7.0 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. |