Vulnerabilities > Papercut > Papercut NG > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-14 | CVE-2024-1222 | Unspecified vulnerability in Papercut MF This allows attackers to use a maliciously formed API request to gain access to an API authorization level with elevated privileges. | 9.8 |
| 2023-08-04 | CVE-2023-39143 | Path Traversal vulnerability in Papercut MF PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. | 9.8 |
| 2023-04-20 | CVE-2023-27350 | Unspecified vulnerability in Papercut MF and Papercut NG This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). | 9.8 |
| 2019-06-06 | CVE-2019-12135 | Unspecified vulnerability in Papercut MF and Papercut NG An unspecified vulnerability in the application server in PaperCut MF and NG versions 18.3.8 and earlier and versions 19.0.3 and earlier allows remote attackers to execute arbitrary code via an unspecified vector. | 9.8 |
| 2019-02-20 | CVE-2019-8948 | Injection vulnerability in Papercut MF PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script injection via the user interface, aka PC-15163. | 9.8 |