5.3
CVE-2024-13140 - Emlog Pro Cover Upload article.php cross site scripting
A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Affected is an unknown function of the file /admin/article.php?action=upload_cover of the component Cover Upload Handler. The manipulation of the argument image leads to cross site scripting. It is possible to launchβ¦
5.3
CVE-2024-13139 - wangl1989 mysiteforme FileController doContent server-side request forgery
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue affects the function doContent of the file src/main/java/com/mysiteform/admin/controller/system/FileController. The manipulation of the argument content leads to server-side request forgery. The attackβ¦
5.1
CVE-2024-13138 - wangl1989 mysiteforme LocalUploadServiceImpl upload unrestricted upload
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been declared as critical. This vulnerability affects the function upload of the file src/main/java/com/mysiteform/admin/service/ipl/LocalUploadServiceImpl. The manipulation of the argument test leads to unrestricted upload. The attack β¦
5.1
CVE-2024-13137 - wangl1989 mysiteforme SiteController RestResponse cross site scripting
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been classified as problematic. This affects the function RestResponse of the file src/main/java/com/mysiteforme/admin/controller/system/SiteController. The manipulation leads to cross site scripting. It is possible to initiate the attaβ¦
5.3
CVE-2024-13136 - wangl1989 mysiteforme ShiroConfig.java rememberMeManager deserialization
A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The manipulation leads to deserialization. The attack may be launched remotely. The exβ¦
5.3
CVE-2024-13135 - Emlog Pro Subpage twitter.php cross site scripting
A vulnerability has been found in Emlog Pro 2.4.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/twitter.php of the component Subpage Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploβ¦
5.3
CVE-2024-13134 - ZeroWdd studentmanager TeacherController. java editTeacher unrestricted upload
A vulnerability, which was classified as critical, was found in ZeroWdd studentmanager 1.0. Affected is the function addTeacher/editTeacher of the file src/main/Java/com/wdd/studentmanager/controller/TeacherController. java. The manipulation of the argument file leads to unrestricted upload. It is β¦
5.1
CVE-2025-0219 - Trimble SPS851 Receiver Status Identity Tab cross site scripting
A vulnerability, which was classified as problematic, has been found in Trimble SPS851 488.01. Affected by this issue is some unknown functionality of the component Receiver Status Identity Tab. The manipulation of the argument System Name leads to cross site scripting. The attack may be launched rβ¦
5.3
CVE-2024-13133 - ZeroWdd studentmanager StudentController. java editStudent unrestricted upload
A vulnerability, which was classified as critical, has been found in ZeroWdd studentmanager 1.0. This issue affects the function addStudent/editStudent of the file src/main/Java/com/wdd/studentmanager/controller/StudentController. java. The manipulation of the argument file leads to unrestricted upβ¦
5.3
CVE-2024-13132 - Emlog Pro Subpage article.php cross site scripting
A vulnerability classified as problematic was found in Emlog Pro up to 2.4.3. This vulnerability affects unknown code of the file /admin/article.php of the component Subpage Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosedβ¦