Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 2024/12/13 12:0 a.m.3 views

PT-2024-12951 · Alphabpo · Alphabpo Easy Newsletter Signups

Name of the Vulnerable Software and Affected Versions: AlphaBPO Easy Newsletter Signups versions 1.0.0 through 1.0.4 Description: The issue is related to missing authorization, allowing exploitation of incorrectly configured access control security levels. This is a broken access control issue th...

6.5CVSS9.5AI score0.00436EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/12/13 12:0 a.m.7 views

PT-2024-36168 · WordPress · Best Wp Developer Advanced Blog Post Block

Name of the Vulnerable Software and Affected Versions: Best Wp Developer Advanced Blog Post Block versions 1.0.0 through 1.0.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks...

6.5CVSS6.1AI score0.00362EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/11/19 12:0 a.m.12 views

PT-2024-35049 · Unknown · Huy Le Multiple Votes

Name of the Vulnerable Software and Affected Versions: Huy Le Multiple Votes in one page versions 1.0.0 through 1.0.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...

6.5CVSS5.6AI score0.00302EPSS
Exploits0References3
NVD
NVD
added 2020/03/02 2:15 p.m.20 views

CVE-2020-4292

IBM Security Information Queue ISIQ 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 uses a cross-domain policy file that includes domains that should not be trusted which could disclose sensitive information. IBM X-Force ID: 176335...

5.3CVSS4.3AI score0.00981EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2019/05/29 7:18 p.m.8 views

athena-beta (>=1.0.0 <=2.0.4), athena-html (>=1.2.10 <=2.0.0-alpha.8) +8 more potentially affected by unknown CVE via concat-with-sourcemaps (>=1.0.0 <=1.0.4)

concat-with-sourcemaps NPM version =1.0.0, =1.0.0, =1.2.10, =1.0.0, =1.0.1, =0.0.2, =0.3.0, =1.0.0, =1.0.8 - peachhtmlproduction =1.0.0 Source cves: unknown CVE Source advisory: OSV:GHSA-2XV3-H762-CCXV...

5.8AI score
Exploits0
Prion
Prion
added 2017/02/09 8:59 p.m.14 views

Design/Logic Flaw

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for mcabber 1.0.0 - 1.0.4...

4.3CVSS5.7AI score0.0133EPSS
Exploits3References5Affected Software1
Debian CVE
Debian CVE
added 2017/02/09 8:0 p.m.40 views

CVE-2017-5604

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for mcabber 1.0.0 - 1.0.4...

5.9CVSS5.6AI score0.0133EPSS
Exploits2
CVE
CVE
added 2017/02/09 8:0 p.m.54 views

CVE-2017-5604

Technical details for CVE-2017-5604 are not provided in the connected documents. No affected products, root cause, impact, or fixes are specified here. Monitor for updates.

5.9CVSS5.6AI score0.0133EPSS
Exploits2References5Affected Software1
Rows per page
Query Builder