Lucene search
+L

114 matches found

Cvelist
Cvelist
added 2024/04/15 5:0 a.m.31 views

CVE-2024-0902 Fancy Product Designer < 6.1.81 - Admin+ Cross Site Scripting via Product Title

The Fancy Product Designer WordPress plugin before 6.1.81 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.5AI score0.00441EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/04/15 5:0 a.m.29 views

CVE-2024-0902 Fancy Product Designer < 6.1.81 - Admin+ Cross Site Scripting via Product Title

The Fancy Product Designer WordPress plugin before 6.1.81 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.4AI score0.00441EPSS
Exploits2References1
CVE
CVE
added 2024/04/15 5:0 a.m.69 views

CVE-2024-0902

CVE-2024-0902 affects the Fancy Product Designer WordPress plugin prior to 6.1.81. Root cause: the plugin does not sanitize and escape certain settings, allowing high-privilege users (e.g., admins) to perform Stored Cross-Site Scripting even when unfiltered_html is disallowed (e.g., multisite). I...

4.8CVSS7.6AI score0.00441EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2024/04/15 12:0 a.m.14 views

WordPress Fancy Product Designer Plugin < 6.1.81 is vulnerable to Cross Site Scripting (XSS)

Software Fancy Product Designer Type Plugin Vulnerable versions 6.1.81 Fixed in 6.1.81 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0902 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 4fcfdb111964 Credits Bob Matyas Requir...

5.7AI score0.00441EPSS
Exploits2References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/03/15 12:0 a.m.25 views

openSUSE 15 Security Update : python-Django (SUSE-SU-2024:0902-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:0902-1 advisory. - CVE-2024-27351: Fixed a regular expression DoS in django.utils.text.Truncator.words bsc1220358 Tenable has extracted the preceding description block direct...

5.3CVSS6.8AI score0.01854EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/02/08 12:0 a.m.24 views

CentOS 8 : webkit2gtk3 (CESA-2023:0902)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:0902 advisory. - A type confusion issue was addressed with improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura...

8.8CVSS8.8AI score0.09502EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/01/24 8:23 p.m.3 views

Malicious code in wlwz-2312-0902 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cdc210d785bc616d49e2ed29ecf4d66502a8ae5654e77a0930ad19e9e248a5fd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2024/01/24 8:23 p.m.6 views

MAL-2024-253 Malicious code in wlwz-2312-0902 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cdc210d785bc616d49e2ed29ecf4d66502a8ae5654e77a0930ad19e9e248a5fd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.27 views

Rocky Linux 8 : icu (RLSA-2020:0902)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:0902 advisory. - An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exist...

8.8CVSS7.8AI score0.02669EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.26 views

Oracle Linux 8 : icu (ELSA-2020-0902)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-0902 advisory. 60.3-2 - Apply ICU-13634-Adding-integer-overflow-logic-to-ICU4C-num.patch - Apply ICU-20958-Prevent-SEGVMAPERR-in-append.patch - Resolves: rhbz1808238 Tenable h...

8.8CVSS7.6AI score0.02669EPSS
Exploits0References2
OSV
OSV
added 2023/08/31 12:14 p.m.1 views

BELL-CVE-2017-0902 CVE-2017-0902 does not affect BellSoft software

Bulletin has no description...

8.1CVSS7.3AI score0.0475EPSS
Exploits1References1
0day.today
0day.today
added 2023/04/06 12:0 a.m.296 views

Employee Task Management System v1.0 - SQL Injection Vulnerability (2)

Exploit Title: Employee Task Management System v1.0 - SQL Injection on edit-task.php Exploit Author: Muhammad Navaid Zafar Ansari CVE Assigned: CVE-2023-0902 mitre.org, nvd.nist.org Author: Muhammad Navaid Zafar Ansari Vendor Homepage: https://www.sourcecodester.com Software Link: Employee Task...

8.8CVSS6.3AI score0.02693EPSS
Exploits10
Circl
Circl
added 2023/04/06 12:0 a.m.54 views

CVE-2023-0902

creationtimestamp| type| source ---|---|--- 2023-04-06 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/51287 2023-04-06 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/51292...

5.4CVSS4.1AI score0.02693EPSS
Exploits9References2
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.307 views

Employee Task Management System v1.0 - SQL Injection on edit-task.php

Exploit Title: Employee Task Management System v1.0 - SQL Injection on edit-task.php Exploit Author: Muhammad Navaid Zafar Ansari Date: 17 February 2023 CVE Assigned: CVE-2023-0902 mitre.org, nvd.nist.org Author: Muhammad Navaid Zafar Ansari Vendor Homepage: https://www.sourcecodester.com Softwar...

8.8CVSS5.9AI score0.02693EPSS
Exploits10
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.355 views

Simple Food Ordering System v1.0 - Cross-Site Scripting (XSS)

Exploit Title: Simple Food Ordering System v1.0 - Cross-Site Scripting XSS Exploit Author: Muhammad Navaid Zafar Ansari Date: 17 February 2023 CVE Assigned: CVE-2023-0902 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Simple Food Ordering System Version: v 1...

5.4CVSS5.1AI score0.02693EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2023/02/28 12:0 a.m.39 views

Rocky Linux 8 : webkit2gtk3 (RLSA-2023:0902)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:0902 advisory. - A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, Safari 16.3. Processing...

8.8CVSS8.8AI score0.09502EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2023/02/24 12:0 a.m.255 views

Simple Food Ordering System 1.0 Cross Site Scripting

Simple Food Ordering System - Authenticated Reflected Cross Site Scripting Date: 17 February 2023 CVE Assigned: CVE-2023-0902 mitre.org nvd.nist.org Author Email: [email protected] Vendor Homepage: https://www.sourcecodester.com Software Link: Simple Food Ordering System Version: v 1.0...

5.2AI score0.02693EPSS
Exploits9
RedHat Linux
RedHat Linux
added 2023/02/22 1:1 p.m.37 views

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

8.8CVSS8AI score0.09502EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/02/22 12:0 a.m.24 views

Oracle Linux 8 : webkit2gtk3 (ELSA-2023-0902)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-0902 advisory. 2.36.7-1.2 - Add patch for CVE-2023-23529 Resolves: 2170007 Tenable has extracted the preceding description block directly from the Oracle Linux security...

8.8CVSS8.3AI score0.09502EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/02/22 12:0 a.m.25 views

RHEL 8 : webkit2gtk3 (RHSA-2023:0902)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0902 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: processing maliciously crafted web...

8.8CVSS8.6AI score0.09502EPSS
Exploits0References4
Rows per page
Query Builder