Vulnerabilidades en SHIRASAGI Project
11 resultadosCVE-2019-6009—Open redirect vulnerability in SHIRASAGI v1.7.0 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phiEPSS 1.8%CVE-2020-5607—Open redirect vulnerability in SHIRASAGI v1.13.1 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phEPSS 1.2%CVE-2023-39448—Path traversal vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to alter or create arbitrary files on theEPSS 1.1%CVE-2024-46898HIGHSHIRASAGI prior to v1.19.1 processes URLs in HTTP requests improperly, resulting in a path traversal vulnerability. If this vulnerability isEPSS 1.0%CVE-2022-29485—Cross-site scripting vulnerability in SHIRASAGI v1.0.0 to v1.14.2, and v1.15.0 allows a remote attacker to inject an arbitrary script via unEPSS 1.0%CVE-2022-43479MEDIUMOpen redirect vulnerability in SHIRASAGI v1.14.4 to v1.15.0 allows a remote unauthenticated attacker to redirect users to an arbitrary web sEPSS 0.9%CVE-2023-22427MEDIUMStored cross-site scripting vulnerability in Theme switching function of SHIRASAGI v1.16.2 and earlier versions allows a remote attacker witEPSS 0.8%CVE-2022-43499MEDIUMStored cross-site scripting vulnerability in SHIRASAGI versions prior to v1.16.2 allows a remote authenticated attacker with an administratiEPSS 0.8%CVE-2023-22425MEDIUMStored cross-site scripting vulnerability in Schedule function of SHIRASAGI v1.16.2 and earlier versions allows a remote authenticated attacEPSS 0.8%CVE-2023-36492—Reflected cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote unauthenticated attacker to execute an arbitrary EPSS 0.4%CVE-2023-38569—Stored cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to execute an arbitrary scripEPSS 0.4%