Filtered by vendor Rageframe
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-30878 | 1 Rageframe | 1 Rageframe | 2025-04-11 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the upload_drive parameter. | ||||
| CVE-2024-30879 | 1 Rageframe | 1 Rageframe | 2025-04-11 | 6.1 Medium |
| Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the boxId parameter in the image cropping function. | ||||
| CVE-2024-30880 | 1 Rageframe | 1 Rageframe | 2025-04-11 | 5.4 Medium |
| Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the multiple parameter in the image cropping function. | ||||
| CVE-2024-30883 | 1 Rageframe | 1 Rageframe | 2025-04-11 | 4.7 Medium |
| Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the aspectRatio parameter in the image cropping function. | ||||
| CVE-2022-36530 | 1 Rageframe | 1 Rageframe | 2024-11-21 | 6.1 Medium |
| An issue was discovered in rageframe2 2.6.37. There is a XSS vulnerability in the user agent related parameters of the info.php page. | ||||
Page 1 of 1.