Lucene search
+L

187 matches found

redhatcve
redhatcve
added 2025/02/05 2:33 a.m.7 views

CVE-2024-42481

Skyport Daemon skyportd is the daemon for the Skyport Panel. By making thousands of folders & files easy due to skyport's lack of rate limiting on createFolder. createFile, skyportd in a lot of cases will cause 100% CPU usage and an OOM, probably crashing the system. This is fixed in 0.2.2...

7.5CVSS6.8AI score0.00476EPSS
Exploits0References1
patchstack
patchstack
added 2025/02/03 4:12 p.m.4 views

WordPress Graceful Email Obfuscation plugin <= 0.2.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin Graceful Email Obfuscation versions = 0.2.2...

6.5CVSS6.1AI score0.0027EPSS
Exploits0Affected Software1
ptsecurity
ptsecurity
added 2025/01/07 12:0 a.m.6 views

PT-2025-4453 · WordPress · Wp-Tagmaker

Name of the Vulnerable Software and Affected Versions: WP-tagMaker versions 0.2.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for reflected Cross-site Scripting XSS. This enables an attacker to inject malicious scripts...

7.1CVSS9AI score0.0038EPSS
Exploits0References3
cnnvd
cnnvd
added 2025/01/07 12:0 a.m.6 views

WordPress plugin WP-tagMaker 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...

7.1CVSS7.7AI score0.0038EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/12/30 12:0 a.m.4 views

White-Jotter 代码注入漏洞

White-Jotter is an Antabot personal developer's front-end and back-end separation project using Vue+Spring Boot development, comes with a full set of development tutorials. Antabot White-Jotter 0.2.2 and earlier versions have a code injection vulnerability that originates from the component artic...

5.1CVSS4.2AI score0.00371EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2024/12/30 12:0 a.m.12 views

PT-2024-17889 · Unknown · Antabot White-Jotter

Name of the Vulnerable Software and Affected Versions: Antabot White-Jotter versions up to 0.2.2 Description: A problematic issue has been found in the Article Editor component, specifically in the /admin/content/editor file, affecting an unknown functionality. The manipulation of the articleCove...

5.1CVSS4.3AI score0.00523EPSS
Exploits1References10
cnnvd
cnnvd
added 2024/12/30 12:0 a.m.6 views

White-Jotter 代码问题漏洞

White-Jotter is a front-end and back-end separation project developed by Antabot personal developer using Vue+Spring Boot, with a full set of development tutorials. A code issue vulnerability exists in White-Jotter 0.2.2 and earlier versions, which stems from the articleCover parameter of the fil...

5.1CVSS4.3AI score0.00523EPSS
Exploits1References4
cnnvd
cnnvd
added 2024/12/29 12:0 a.m.7 views

White-Jotter 安全漏洞

White-Jotter is a front-end and back-end separation project developed by Antabot individual developer using Vue+Spring Boot, with a full set of development tutorials. A security vulnerability exists in White-Jotter version 0.2.2 and earlier, which stems from an incorrect manipulation of the...

6.3CVSS4.6AI score0.00733EPSS
Exploits1References5
cnnvd
cnnvd
added 2024/12/29 12:0 a.m.7 views

Antabot White-Jotter 代码问题漏洞

White-Jotter is a front-end and back-end separation project developed by Antabot individual developers using Vue+Spring Boot, with a full set of development tutorials. A code issue vulnerability exists in Antabot White-Jotter version 0.2.2 and earlier versions. An attacker can exploit this...

8.8CVSS4.9AI score0.00511EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2024/12/29 12:0 a.m.7 views

PT-2024-17885 · Unknown · Antabot White-Jotter

Name of the Vulnerable Software and Affected Versions: Antabot White-Jotter versions up to 0.2.2 Description: A problematic issue has been found in Antabot White-Jotter, affecting some unknown processing of the file "/login". The manipulation of the argument username leads to observable response...

6.3CVSS6.9AI score0.00733EPSS
Exploits1References11
ptsecurity
ptsecurity
added 2024/10/20 12:0 a.m.7 views

PT-2024-33564 · Unknown · Brandon White Author Discussion

Name of the Vulnerable Software and Affected Versions: Brandon White Author Discussion versions 0.2.2 and earlier Description: The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, due to the improper neutralization of special elements used in an SQL command...

8.8CVSS8.2AI score0.00432EPSS
Exploits0References11
cnnvd
cnnvd
added 2024/10/20 12:0 a.m.6 views

WordPress plugin Author Discussion SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability...

8.8CVSS7.4AI score0.00432EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/09/27 12:0 a.m.5 views

ReLaXed 跨站脚本漏洞

ReLaXed is a ReLaXed open source application. PDF documents can be created interactively using HTML. A cross-site scripting vulnerability exists in ReLaXed 0.2.2 and earlier versions, which stems from an unknown feature of the component Pug to PDF Converter that causes cross-site scripting...

4.8CVSS3.8AI score0.00269EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2024/08/12 12:0 a.m.5 views

PT-2024-29978 · Unknown · Skyport Daemon

Name of the Vulnerable Software and Affected Versions: Skyport Daemon versions prior to 0.2.2 Description: The issue is related to the Skyport Daemon skyportd, which is the daemon for the Skyport Panel. It can be exploited by creating thousands of folders and files, taking advantage of the lack o...

7.5CVSS7.1AI score0.00476EPSS
Exploits0References6
osv
osv
added 2024/06/28 9:10 p.m.9 views

CVE-2024-38525 dd-trace-cpp malformed unicode header values may cause crash

dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context due to malformed unicode, it logs the list of audited headers and their values using the nlohmann JSON library. However, due to the way the JSON library is invoked, it throws an uncaught...

7.5CVSS6.6AI score0.00431EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2024/06/28 12:0 a.m.9 views

PT-2024-28052 · Unknown · Nlohmann/Json +1

Name of the Vulnerable Software and Affected Versions: dd-trace-cpp versions prior to 0.2.2 Description: The issue occurs when the library fails to extract trace context due to malformed unicode. It attempts to log the list of audited headers and their values using the nlohmann JSON library...

7.5CVSS7.2AI score0.00431EPSS
Exploits0References5
fedora
fedora
added 2024/06/02 3:39 a.m.13 views

[SECURITY] Fedora 39 Update: sudo-rs-0.2.2-3.fc39

A memory safe implementation of sudo and su...

7.3AI score
Exploits0
patchstack
patchstack
added 2024/05/15 1:49 a.m.6 views

WordPress reCAPTCHA Jetpack plugin <= 0.2.2 - Stored XSS via CSRF vulnerability

Stored XSS via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin reCAPTCHA Jetpack versions = 0.2.2...

4.7CVSS6AI score0.00269EPSS
Exploits2References1Affected Software1
patchstack
patchstack
added 2024/05/15 1:48 a.m.4 views

WordPress reCAPTCHA Jetpack plugin <= 0.2.2 - Settings Update via CSRF vulnerability

Settings Update via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin reCAPTCHA Jetpack versions = 0.2.2...

8.8CVSS7AI score0.00381EPSS
Exploits2References1Affected Software1
patchstack
patchstack
added 2024/05/15 12:0 a.m.10 views

WordPress reCAPTCHA Jetpack Plugin <= 0.2.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software reCAPTCHA Jetpack Type Plugin Vulnerable versions = 0.2.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3940 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID cb69d1ca95bb Credits Bob Matyas Required...

6.6AI score0.00381EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder