
9 matches found

CVE
added 2025/10/11 9:2 a.m. | 8 views

CVE-2025-11594

The CVE-2025-11594 issue affects ywxbear PHP-Bookstore-Website-Example and PHP Basic BookStore Website (files handling in the Quantity Handler, /index.php). Root cause: insufficient validation of the quantity input, allowing remote manipulation. Exploitation details are publicly disclosed in conn...

CVSS 6.9 | AI score 5.5 | EPSS 0.00338
Exploits: 0 | References: 4
RedhatCVE
added 2025/05/22 4:10 p.m. | 4 views

CVE-2020-11594

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request that causes a stack error to be shown providing the full file path...

CVSS 7.5 | AI score 7 | EPSS 0.01209
Exploits: 1 | References: 1
RedhatCVE
added 2025/05/22 1:3 p.m. | 8 views

CVE-2018-11594

Espruino before 1.99 allows attackers to cause a denial of service application crash with a user crafted input file via a Buffer Overflow during syntax parsing of "VOID" tokens in jsparse.c...

CVSS 5.5 | AI score 6.8 | EPSS 0.01124
Exploits: 1 | References: 1
CVE
added 2020/04/06 9:33 p.m. | 64 views

CVE-2020-11594

CVE-2020-11594 affects CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can send an API request that triggers a stack error, causing the system to reveal the full file path. This is the explicit impact described across multiple sources. The available documents do not provide a ...

CVSS 7.5 | AI score 7.5 | EPSS 0.01209
Exploits: 1 | References: 1 | Affected Software: 1
CVE
added 2019/04/29 2:30 p.m. | 37 views

CVE-2019-11594

In AdBlock before 3.45.0, the $rewrite filter option lets filter-list maintainers run arbitrary code in a client-side session when a web service loads a script via XMLHttpRequest or Fetch and the script origin has an open redirect. This vulnerability is scored CVSS v3.0: 8.1 (HIGH) with Network a...

CVSS 8.1 | AI score 8.2 | EPSS 0.02389
Exploits: 0 | References: 3 | Affected Software: 1
CVE
added 2018/05/31 4:0 p.m. | 41 views

CVE-2018-11594

Espruino CVE-2018-11594 affects Espruino before 1.99. The vulnerability is a Buffer Overflow in jsparse.c during parsing of the string token “VOID,” triggered by a crafted input file, leading to a denial of service (application crash). Affected component: Espruino JavaScript interpreter for micro...

CVSS 5.5 | AI score 5.4 | EPSS 0.01124
Exploits: 1 | References: 3 | Affected Software: 1
OSV
added 2017/07/24 1:29 a.m. | 17 views

CVE-2017-11594

Cross-site scripting XSS vulnerability in the Markdown parser in Loomio before 1.8.0 allows remote attackers to inject arbitrary web script or HTML via non-sanitized Markdown content in a new thread or a thread comment...

CVSS 5.4 | AI score 5.8
Exploits: 0 | References: 3
CVE
added 2017/07/24 1:0 a.m. | 42 views

CVE-2017-11594

CVE-2017-11594 affects Loomio’s Markdown parser prior to version 1.8.0. The vulnerability is a cross-site scripting (XSS) flaw that lets remote attackers inject arbitrary web script or HTML through non-sanitized Markdown content in new threads or thread comments. The root cause is improper saniti...

CVSS 5.4 | AI score 5.3 | EPSS 0.01189
Exploits: 1 | References: 3 | Affected Software: 1
Cvelist
added 2017/07/24 1:0 a.m. | 16 views

CVE-2017-11594

Cross-site scripting XSS vulnerability in the Markdown parser in Loomio before 1.8.0 allows remote attackers to inject arbitrary web script or HTML via non-sanitized Markdown content in a new thread or a thread comment...

AI score 5.4 | EPSS 0.01189
Exploits: 1 | References: 3