Papercut

Papercut Ng

26 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2024-9672

  • EPSS 0.51%
  • Veröffentlicht 10.12.2024 00:15:22
  • Zuletzt bearbeitet 30.01.2025 14:55:08

A reflected cross-site scripting (XSS) vulnerability exists in PaperCut NG/MF. This issue can be used to execute specially created JavaScript payloads in the browser. A user must click on a malicious link for this issue to occur.

7.2

CVE-2023-39470

  • EPSS 12.21%
  • Veröffentlicht 22.11.2024 20:15:05
  • Zuletzt bearbeitet 09.01.2025 15:46:02

PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit th...

5.5

CVE-2024-8405

  • EPSS 0.21%
  • Veröffentlicht 26.09.2024 02:15:03
  • Zuletzt bearbeitet 03.10.2024 00:51:18

An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the web-print.exe process, which can incorrectly create files that don’t exist when a malicio...

7.8

CVE-2024-8404

  • EPSS 0.21%
  • Veröffentlicht 26.09.2024 02:15:02
  • Zuletzt bearbeitet 13.05.2025 03:15:23

An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut N...

7.8

CVE-2024-4712

  • EPSS 0.39%
  • Veröffentlicht 14.05.2024 15:44:27
  • Zuletzt bearbeitet 30.01.2025 14:58:45

An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the image-handler process, which can incorrectly create files that don’t exist when a malicio...

7.8

CVE-2024-3037

  • EPSS 0.12%
  • Veröffentlicht 14.05.2024 15:39:48
  • Zuletzt bearbeitet 27.01.2025 18:05:07

An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut N...

7.2

CVE-2023-39469

  • EPSS 51.95%
  • Veröffentlicht 03.05.2024 03:15:12
  • Zuletzt bearbeitet 30.01.2025 14:53:12

PaperCut NG External User Lookup Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerabili...

6.5

CVE-2024-1884

  • EPSS 9.24%
  • Veröffentlicht 14.03.2024 04:15:08
  • Zuletzt bearbeitet 23.01.2025 21:06:27

This is a Server-Side Request Forgery (SSRF) vulnerability in the PaperCut NG/MF server-side module that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing.

6.1

CVE-2024-1883

  • EPSS 11.26%
  • Veröffentlicht 14.03.2024 04:15:08
  • Zuletzt bearbeitet 23.01.2025 21:06:04

This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server. An attacker can exploit this weakness by crafting a malicious URL that contains a script. When an unsuspecting user clicks on this malicious link, it cou...

7.2

CVE-2024-1882

  • EPSS 1.35%
  • Veröffentlicht 14.03.2024 04:15:08
  • Zuletzt bearbeitet 23.01.2025 20:30:14

This vulnerability allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hosting the PaperCut NG/MF application server.