Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
- EPSS 0.1%
- Veröffentlicht 04.08.2025 19:02:05
- Zuletzt bearbeitet 27.08.2025 16:21:28
A vulnerability, which was classified as critical, was found in givanz Vvvebjs up to 2.0.4. Affected is an unknown function of the file /save.php of the component node.js. The manipulation of the argument File leads to path traversal. It is possible ...
6.1
CVE-2024-29271
- EPSS 0.13%
- Veröffentlicht 22.03.2024 04:15:11
- Zuletzt bearbeitet 28.05.2025 18:44:18
Reflected Cross-Site Scripting (XSS) vulnerability in VvvebJs before version 1.7.7, allows remote attackers to execute arbitrary code and obtain sensitive information via the action parameter in save.php.
6.5
CVE-2024-29272
- EPSS 89.26%
- Veröffentlicht 22.03.2024 04:15:11
- Zuletzt bearbeitet 28.05.2025 19:00:50
Arbitrary File Upload vulnerability in VvvebJs before version 1.7.5, allows unauthenticated remote attackers to execute arbitrary code and obtain sensitive information via the sanitizeFileName parameter in save.php.
1