Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
18041.3%CRITICAL

Related CVEs

8
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-67079File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via crafted PDF file to the file upload and thumbnail functions.CRITICAL9.829.9%Jan 15, 2026
CVE-2025-67078Cross site scripting (XSS) vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors.MEDIUM6.18.0%Jan 15, 2026
CVE-2025-67077File upload vulnerability in Omnispace Agora Project before 25.10 allowing authenticated, or under certain conditions also guest users, via the UploadTmpFile action.HIGH8.828.0%Jan 15, 2026
CVE-2025-67076Directory traversal vulnerability in Omnispace Agora Project before 25.10 allowing unauthenticated attackers to read files on the system via the misc controller and the ExternalGetFile action. Only files with an extension can be read.HIGH7.552.3%Jan 15, 2026
CVE-2017-6562XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=file&targetObjId=fileFolder-2&targetObjIdChild=[XSS] attack.NONE53.1%Mar 9, 2017
CVE-2017-6561XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=object&action=[XSS] attack.NONE53.1%Mar 9, 2017
CVE-2017-6560XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=misc&action=[XSS]&editObjId=[XSS] attack.NONE53.1%Mar 9, 2017
CVE-2017-6559XSS in Agora-Project 3.2.2 exists with an index.php?disconnect=1&msgNotif[]=[XSS] attack.NONE53.1%Mar 9, 2017