Vulnerabilities > Papercut
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-14 | CVE-2023-6006 | Unspecified vulnerability in Papercut MF This vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG. | 6.7 |
2023-10-19 | CVE-2023-31046 | Path Traversal vulnerability in Papercut MF A Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1. | 6.5 |
2023-09-20 | CVE-2023-2508 | Cross-Site Request Forgery (CSRF) vulnerability in Papercut Mobility Print Server 1.0.3512 The `PaperCutNG Mobility Print` version 1.0.3512 application allows an unauthenticated attacker to perform a CSRF attack on an instance administrator to configure the clients host (in the "configure printer discovery" section). | 6.5 |
2023-09-13 | CVE-2023-4568 | Improper Authentication vulnerability in Papercut NG PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. | 6.5 |
2023-08-04 | CVE-2023-39143 | Path Traversal vulnerability in Papercut MF PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. | 9.8 |
2023-07-25 | CVE-2023-3486 | Unrestricted Upload of File with Dangerous Type vulnerability in Papercut MF An authentication bypass exists in PaperCut NG versions 22.0.12 and prior that could allow a remote, unauthenticated attacker to upload arbitrary files to the PaperCut NG host’s file storage. | 7.5 |
2023-06-20 | CVE-2023-2533 | Cross-Site Request Forgery (CSRF) vulnerability in Papercut MF and Papercut NG A Cross-Site Request Forgery (CSRF) vulnerability has been identified in PaperCut NG/MF, which, under specific conditions, could potentially enable an attacker to alter security settings or execute arbitrary code. | 8.8 |
2023-04-20 | CVE-2023-27350 | Improper Access Control vulnerability in Papercut NG This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). | 9.8 |
2023-04-20 | CVE-2023-27351 | Improper Authentication vulnerability in Papercut MF and Papercut NG This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). | 7.5 |
2019-06-06 | CVE-2019-12135 | Unspecified vulnerability in Papercut MF and Papercut NG An unspecified vulnerability in the application server in PaperCut MF and NG versions 18.3.8 and earlier and versions 19.0.3 and earlier allows remote attackers to execute arbitrary code via an unspecified vector. | 7.5 |