grymer/CVE

Releases0

Stars3

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-31260 ↗	Jul 17, 2022Sunday, 17 July 2022, 20:15	6.5 MEDIUM	—
In Montala ResourceSpace through 9.8 before r19636, csv_export_results_metadata.php allows attackers to export collection metadata via a non-NULL k value.
CVE-2021-3342 ↗	Mar 1, 2021Monday, 1 March 2021, 22:15	9.8 CRITICAL	6.8 MEDIUM
EPrints 3.4.2 allows remote attackers to read arbitrary files and possibly execute commands via crafted LaTeX input to a cgi/latex2png?latex= URI.
CVE-2021-26704 ↗	Mar 1, 2021Monday, 1 March 2021, 22:15	8.8 HIGH	6.5 MEDIUM
EPrints 3.4.2 allows remote attackers to execute arbitrary commands via crafted input to the verb parameter in a cgi/toolbox/toolbox URI.
CVE-2021-26703 ↗	Mar 1, 2021Monday, 1 March 2021, 22:15	9.8 CRITICAL	7.5 HIGH
EPrints 3.4.2 allows remote attackers to read arbitrary files and possibly execute commands via crafted JSON/XML input to a cgi/ajax/phrase URI.
CVE-2021-26702 ↗	Mar 1, 2021Monday, 1 March 2021, 22:15	6.1 MEDIUM	4.3 MEDIUM
EPrints 3.4.2 exposes a reflected XSS opportunity in the dataset parameter to the cgi/dataset_dictionary URI.
CVE-2021-26476 ↗	Mar 1, 2021Monday, 1 March 2021, 22:15	9.8 CRITICAL	7.5 HIGH
EPrints 3.4.2 allows remote attackers to execute OS commands via crafted LaTeX input to a cgi/cal?year= URI.
CVE-2021-26475 ↗	Mar 1, 2021Monday, 1 March 2021, 22:15	6.1 MEDIUM	4.3 MEDIUM
EPrints 3.4.2 exposes a reflected XSS opportunity in the via a cgi/cal URI.
CVE-2015-9287 ↗	May 13, 2019Monday, 13 May 2019, 16:29	—	5 MEDIUM
Directory Traversal was discovered in University of Cambridge mod_ucam_webauth before 2.0.2. The key identification field ("kid") of the IdP's HTTP response message ("WLS-Response") can be manipulated by an attacker. The "kid" field is not signed like the rest of the message, and manipulation is therefore trivial. The "kid" field should only ever represent an integer. However, it is possible to provide any string value. An attacker could use this to their advantage to force the application agent to load the RSA public key required for message integrity checking from an unintended location.
CVE-2018-16717 ↗	May 2, 2019Thursday, 2 May 2019, 20:29	—	7.5 HIGH
A heap-based buffer overflow exists in nph-viewgif.cgi in the 2.0.7 through 2.2.26 legacy versions of the NCBI ToolBox.
CVE-2018-16988 ↗	May 2, 2019Thursday, 2 May 2019, 20:29	9.8 CRITICAL	5 MEDIUM
An issue was discovered in Open XDMoD through 7.5.0. An authentication bypass (account takeover) exists due to a weak password reset mechanism. A brute-force attack against an MD5 rid value requires only 600 guesses in the plausible situation where the attacker knows that the victim has started a password-reset process (pass_reset.php, password_reset.php, XDUser.php) in the past few minutes.
CVE-2018-16961 ↗	May 2, 2019Thursday, 2 May 2019, 20:29	—	5 MEDIUM
An issue was discovered in Open XDMoD through 7.5.0. html/gui/general/dl_publication.php allows Path traversal via the file parameter, allowing remote attackers to read PDF files in arbitrary directories.
CVE-2018-16960 ↗	May 2, 2019Thursday, 2 May 2019, 20:29	—	4.3 MEDIUM
An issue was discovered in Open XDMoD through 7.5.0. html/gui/general/login.php has Reflected XSS via the xd_user_formal_name parameter.
CVE-2018-16718 ↗	May 2, 2019Thursday, 2 May 2019, 20:29	—	4.3 MEDIUM
An XSS vulnerability exists in wwwblast.c in the 2.0.7 through 2.2.26 legacy versions of the NCBI ToolBox via a crafted -z1 argument.
CVE-2018-16716 ↗	May 2, 2019Thursday, 2 May 2019, 20:29	—	7.5 HIGH
A path traversal vulnerability exists in viewcgi.c in the 2.0.7 through 2.2.26 legacy versions of the NCBI ToolBox, which may result in reading of arbitrary files (i.e., significant information disclosure) or file deletion via the nph-viewgif.cgi query string.
CVE-2018-10383 ↗	May 2, 2019Thursday, 2 May 2019, 20:29	—	4.3 MEDIUM
Lantronix SecureLinx Spider (SLS) 2.2+ devices have XSS in the auth.asp login page.