Lucene search
K

272 matches found

Nuclei
Nuclei
added 2 days ago14 views

Zimbra - Cross-Site Scripting via ICS Files

Detects Zimbra Collaboration Suite versions vulnerable to CVE-2025-27915, a stored XSS vulnerability in the Classic Web Client due to insufficient sanitization of HTML content in ICS files. When a user views an email with a malicious ICS entry, embedded JavaScript executes via an ontoggle event...

5.4CVSS6.8AI score0.04241EPSS
Exploits1References3
NVD
NVD
added last week7 views

CVE-2026-11896

The My Calendar – Accessible Event Manager plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.7.14 via the 'vcal' parameter due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to...

5.3CVSS0.00313EPSS
Exploits0References14
RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.11 views

CVE-2026-8495

Missing Authorization vulnerability in Drupal Date iCal allows Forceful Browsing. This issue affects Date iCal: from 0.0.0 before 4.0.15...

9.8CVSS5.4AI score0.00369EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/20 12:31 a.m.13 views

EUVD-2026-30992

Missing Authorization vulnerability in Drupal Date iCal allows Forceful Browsing. This issue affects Date iCal: from 0.0.0 before 4.0.15...

5.8AI score0.00369EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/19 10:29 p.m.10 views

CVE-2026-8495 Date iCal - Critical - Information disclosure - SA-CONTRIB-2026-037

Missing Authorization vulnerability in Drupal Date iCal allows Forceful Browsing. This issue affects Date iCal: from 0.0.0 before 4.0.15...

5.8AI score0.00369EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 10:29 p.m.26 views

CVE-2026-8495

The Date iCal Drupal module (Date iCal) is affected by a Missing Authorization vulnerability that allows forceful browsing. Affected versions are 0.0.0 through 4.0.14, with exploitation stemming from insufficient access checks and input sanitization in the iCal feed export functionality, which ex...

9.8CVSS5.8AI score0.00369EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/19 10:29 p.m.8 views

CVE-2026-8495

Missing Authorization vulnerability in Drupal Date iCal allows Forceful Browsing. This issue affects Date iCal: from 0.0.0 before 4.0.15...

5.8AI score0.00369EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/19 10:29 p.m.41 views

CVE-2026-8495 Date iCal - Critical - Information disclosure - SA-CONTRIB-2026-037

Missing Authorization vulnerability in Drupal Date iCal allows Forceful Browsing. This issue affects Date iCal: from 0.0.0 before 4.0.15...

0.00369EPSS
Exploits0References1
OSV
OSV
added 2026/05/13 5:19 p.m.34 views

DRUPAL-CONTRIB-2026-037

This module enables you to export entity date fields as iCal feeds. The module doesn't sufficiently check entity or field access or sanitize user inputs when generating iCal feeds. This vulnerability is not mitigated by any permission, the routes are accessible to all anonymous users with no...

9.8CVSS5.8AI score0.00369EPSS
Exploits0References1
NVD
NVD
added 2026/04/18 5:16 a.m.8 views

CVE-2026-4801

The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via external iCal feed data in all versions up to, and including, 3.1.16 due to insufficient output escaping of event titles, descriptions, and locations fetched from external iCal feeds...

6.4CVSS0.00406EPSS
Exploits0References13
Vulnrichment
Vulnrichment
added 2026/04/18 3:37 a.m.4 views

CVE-2026-4801 Page Builder Gutenberg Blocks <= 3.1.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via External iCal Feed Data

The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via external iCal feed data in all versions up to, and including, 3.1.16 due to insufficient output escaping of event titles, descriptions, and locations fetched from external iCal feeds...

6.4CVSS5.9AI score0.00406EPSS
Exploits0References13
EUVD
EUVD
added 2026/04/18 3:37 a.m.7 views

EUVD-2026-23650

The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via external iCal feed data in all versions up to, and including, 3.1.16 due to insufficient output escaping of event titles, descriptions, and locations fetched from external iCal feeds...

6.4CVSS5.9AI score0.00406EPSS
Exploits0References13
Cvelist
Cvelist
added 2026/04/18 3:37 a.m.32 views

CVE-2026-4801 Page Builder Gutenberg Blocks <= 3.1.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via External iCal Feed Data

The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via external iCal feed data in all versions up to, and including, 3.1.16 due to insufficient output escaping of event titles, descriptions, and locations fetched from external iCal feeds...

6.4CVSS0.00406EPSS
Exploits0References13
CNNVD
CNNVD
added 2026/04/18 12:0 a.m.11 views

WordPress plugin Page Builder Gutenberg Blocks – CoBlocks 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.4CVSS5.8AI score0.00406EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2000-1058

Malware in sbrugna...

7.2CVSS6.4AI score0.01082EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-3376

Malware in sbrugna...

7.5CVSS8.3AI score0.09731EPSS
Exploits3References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-0928

Malware in sbrugna...

4.3CVSS6.4AI score0.0118EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2000-1057

Malware in sbrugna...

10CVSS6.4AI score0.02996EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-3375

Malware in sbrugna...

9.8CVSS9.2AI score0.09903EPSS
Exploits3References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2000-1060

Malware in sbrugna...

10CVSS6.4AI score0.04107EPSS
Exploits1References5
Rows per page
Query Builder