Filtered by vendor Skinsoft
Subscriptions
Filtered by product S-museum
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-25802 | 1 Skinsoft | 1 S-museum | 2025-02-14 | 9.8 Critical |
| SKINsoft S-Museum 7.02.3 allows Unrestricted File Upload via the Add Media function. Unlike in CVE-2024-25801, the attack payload is the file content. | ||||
| CVE-2024-25801 | 1 Skinsoft | 1 S-museum | 2025-02-14 | 6.1 Medium |
| SKINsoft S-Museum 7.02.3 allows XSS via the filename of an uploaded file. Unlike in CVE-2024-25802, the attack payload is in the name (not the content) of a file. | ||||
Page 1 of 1.