Vulnerabilities > Papercut > Papercut NG > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-04 CVE-2023-39143 Path Traversal vulnerability in Papercut MF
PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files.
network
low complexity
papercut CWE-22
critical
9.8
2023-04-20 CVE-2023-27350 Improper Access Control vulnerability in Papercut NG
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914).
network
low complexity
papercut CWE-284
critical
9.8
2019-06-06 CVE-2019-12135 Unspecified vulnerability in Papercut MF and Papercut NG
An unspecified vulnerability in the application server in PaperCut MF and NG versions 18.3.8 and earlier and versions 19.0.3 and earlier allows remote attackers to execute arbitrary code via an unspecified vector.
network
low complexity
papercut
critical
9.8
2019-02-20 CVE-2019-8948 Injection vulnerability in Papercut MF
PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script injection via the user interface, aka PC-15163.
network
low complexity
papercut CWE-74
critical
9.8