Lucene search
K

695 matches found

CNNVD
CNNVD
added 2026/03/10 12:0 a.m.9 views

Microsoft SharePoint 跨站脚本漏洞

Microsoft SharePoint Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A spoofing...

9.3CVSS5.8AI score0.01262EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/01/29 6:29 p.m.151 views

WriteUp

Preface In the world of network security, CTF Capture The...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2025/10/18 12:0 a.m.5 views

Apache Geode 跨站请求伪造漏洞

Apache Geode is the Apache Foundation's suite of management platforms for distributed cloud architectures that provide real-time and consistent access to data for data-intensive applications. Apache Geode suffers from a cross-site request forgery vulnerability, which arises when a web application...

8.8CVSS6.8AI score0.00325EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/07 10:27 a.m.14 views

CVE-2025-11331

A vulnerability was found in IdeaCMS up to 1.8. The impacted element is an unknown function of the file app/common/logic/admin/Config.php of the component Website Name Handler. Performing manipulation of the argument 网站名称 results in command injection. The attack may be initiated remotely. The...

5.8CVSS4.9AI score0.17354EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/06 10:2 a.m.6 views

EUVD-2025-32529

A vulnerability was found in IdeaCMS up to 1.8. The impacted element is an unknown function of the file app/common/logic/admin/Config.php of the component Website Name Handler. Performing manipulation of the argument 网站名称 results in command injection. The attack may be initiated remotely. The...

5.8CVSS6.2AI score0.17354EPSS
Exploits1References5
CVE
CVE
added 2025/10/06 10:2 a.m.21 views

CVE-2025-11331

IdeaCMS up to version 1.8 contains a command injection in the Website Name Handler component, via the argument 网站名称 manipulated in app/common/logic/admin/Config.php. The vulnerability arises from an unknown function handling that input, enabling remote execution after exploitation. Public exploit...

7.2CVSS5AI score0.17354EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2025/09/04 12:0 a.m.5 views

NVIDIA ConnectX 安全漏洞

NVIDIA ConnectX is a series of intelligent network interface cards from NVIDIA. NVIDIA ConnectX has a security vulnerability that can be exploited by attackers to potentially cause denial of service, elevation of privilege, information disclosure, and data tampering...

6.3CVSS6.7AI score0.00146EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/20 12:0 a.m.3 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS5.9AI score0.00222EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/22 12:0 a.m.4 views

TOTOLINK A3002R 安全漏洞

TOTOLINK A3002R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3002R suffers from a stack buffer overflow vulnerability, which originates from the parameter subnet in the file /boafrm/formRoute failing to correctly validate the length and size of the input data, which...

9CVSS8.1AI score0.00759EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.5 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS6.1AI score0.00305EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.5 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

4.8CVSS6.1AI score0.00307EPSS
Exploits0References2
NVD
NVD
added 2025/04/07 1:15 a.m.13 views

CVE-2025-3327

A vulnerability was found in iteaj iboot 物联网网关 1.1.3 and classified as problematic. This issue affects some unknown processing of the file /common/upload/batch of the component File Upload. The manipulation of the argument File leads to cross site scripting. The attack may be initiated remotely...

6.1CVSS0.00356EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/04/07 12:0 a.m.16 views

CVE-2025-3327 iteaj iboot 物联网网关 File Upload batch cross site scripting

A vulnerability was found in iteaj iboot 物联网网关 1.1.3 and classified as problematic. This issue affects some unknown processing of the file /common/upload/batch of the component File Upload. The manipulation of the argument File leads to cross site scripting. The attack may be initiated remotely...

5.1CVSS0.00356EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.5 views

Dell SmartFabric OS10 安全漏洞

Dell SmartFabric OS10 is a software-defined network operating system from Dell Networking, based on Linux and open source technologies, designed to enable flexible management and automated deployment of data center network resources. A mismanagement of privileges vulnerability exists in Dell...

5.5CVSS6.4AI score0.00159EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/03/04 12:0 a.m.5 views

Cisco Meraki MX67和Cisco Meraki MX68 信息泄露漏洞

The Cisco Meraki MX67 and Cisco Meraki MX68 are cloud-managed routers in the Cisco Meraki series. An access validation error vulnerability exists in the Cisco Meraki MX67 and Cisco Meraki MX68 that stems from improper access control and can be exploited by an attacker to cause information...

5.3CVSS6.6AI score0.00343EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/01/23 12:0 a.m.9 views

IBM Sterling B2B Integrator 跨站脚本漏洞

IBM Sterling B2B Integrator is a suite of software from International Business Machines IBM that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A cross-site scripting...

6.4CVSS6.1AI score0.00215EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.4 views

Fortinet FortiDeceptor 跨站脚本漏洞

Fortinet FortiDeceptor is a cyber threat detection platform from the American company Fiat Fortinet. The platform focuses on exposing cyber threats through deception techniques, among other things. Fortinet FortiDeceptor cross-site scripting vulnerability, the vulnerability stems from the...

6.1CVSS6.4AI score0.00278EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.3 views

Google Chrome 安全漏洞

Google Chrome is a free web browser developed by Google. It is the world's largest browser in terms of market share due to its speed, security, simplicity, multi-platform support and built-in privacy protection. Google Chrome suffers from a type confusion vulnerability that stems from the V8...

8.8CVSS6.8AI score0.04013EPSS
Exploits2References4
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.3 views

Open5GS 安全漏洞

Open5GS is an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS. An attacker could exploit this vulnerability to cause a denial of service in the system...

7.5CVSS6.6AI score0.01028EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.4 views

Dell SmartFabric OS10 命令注入漏洞

Dell SmartFabric OS10 is a Linux-based network switch operating system from Dell Dell. Dell SmartFabric OS10 suffers from a command injection vulnerability that stems from an improper neutralization issue that contains a particular element used in a command. An attacker could exploit the...

7.8CVSS8AI score0.00698EPSS
Exploits0References1
Rows per page
Query Builder