Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

17 matches found

RedhatCVE
RedhatCVEadded 2026/01/07 9:27 a.m.5 views

CVE-2019-12047

Gridea v0.8.0 has an XSS vulnerability through which the Nodejs module can be called to achieve arbitrary code execution, as demonstrated by childprocess.exec and the "...

6.1CVSS6.4AI score0.00427EPSS
Exploits1References1
Circl
Circladded 2025/11/12 7:56 p.m.1 views

CVE-2025-12047

creationtimestamp| type| source ---|---|--- 2025-11-12 19:56:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5hgor7vvb2k...

6CVSS5.7AI score0.00025EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2018-12047

Malware in sbrugna...

4.3CVSS4.8AI score0.00156EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/05/23 6:57 a.m.3 views

CVE-2024-12047

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘customserver’ parameter in all versions up to, and including, 6.30.03 due to insufficient input sanitization and output escaping. This makes it possible for...

6.1CVSS6.4AI score0.01684EPSS
Exploits0References1
NVD
NVDadded 2025/01/04 8:15 a.m.8 views

CVE-2024-12047

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘customserver’ parameter in all versions up to, and including, 6.30.03 due to insufficient input sanitization and output escaping. This makes it possible for...

6.1CVSS0.01684EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/01/04 7:24 a.m.6 views

CVE-2024-12047 WP Compress – Instant Performance & Speed Optimization <= 6.30.03 - Reflected Cross-Site Scripting via custom_server Parameter

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘customserver’ parameter in all versions up to, and including, 6.30.03 due to insufficient input sanitization and output escaping. This makes it possible for...

6.1CVSS6.5AI score0.01684EPSS
Exploits0References4
CVE
CVEadded 2025/01/04 7:24 a.m.41 views

CVE-2024-12047

CVE-2024-12047 affects the WP Compress – Instant Performance & Speed Optimization WordPress plugin. A Reflected Cross-Site Scripting flaw exists via the custom_server parameter in versions up to and including 6.30.03 due to insufficient input sanitization and output escaping, enabling unauthentic...

6.1CVSS6AI score0.01684EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2025/01/04 7:24 a.m.9 views

CVE-2024-12047 WP Compress – Instant Performance & Speed Optimization <= 6.30.03 - Reflected Cross-Site Scripting via custom_server Parameter

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘customserver’ parameter in all versions up to, and including, 6.30.03 due to insufficient input sanitization and output escaping. This makes it possible for...

6.1CVSS0.01684EPSS
Exploits0References4
Circl
Circladded 2022/03/03 5:30 p.m.1 views

CVE-2020-12047

creationtimestamp| type| source ---|---|--- 2022-03-03 17:30:00+00:00| seen| https://t.me/truesecator/2696...

9.8CVSS7AI score0.0028EPSS
Exploits0References1
NVD
NVDadded 2020/06/29 2:15 p.m.21 views

CVE-2020-12047

The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24, when used with a Baxter Spectrum v8.x model 35700BAX2 in a factory-default wireless configuration enables an FTP service with hard-coded credentials...

9.8CVSS0.0028EPSS
Exploits0References1
OSV
OSVadded 2020/06/29 2:15 p.m.1 views

CVE-2020-12047

The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24, when used with a Baxter Spectrum v8.x model 35700BAX2 in a factory-default wireless configuration enables an FTP service with hard-coded credentials...

9.8CVSS7AI score
Exploits0References1
CVE
CVEadded 2020/06/29 1:41 p.m.53 views

CVE-2020-12047

CVE-2020-12047 affects Baxter Spectrum WBM when used with Spectrum v8.x (model 35700BAX2) in factory-default wireless config; the WBM enables an FTP service with hard-coded credentials (versions v17, v20D29–v20D32, v22D24). Root cause: hard-coded credentials enabling FTP access. Impact per source...

9.8CVSS9.4AI score0.0028EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2020/06/29 1:41 p.m.19 views

CVE-2020-12047

The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24, when used with a Baxter Spectrum v8.x model 35700BAX2 in a factory-default wireless configuration enables an FTP service with hard-coded credentials...

9.5AI score0.0028EPSS
Exploits0References1
CVE
CVEadded 2019/05/13 2:21 p.m.31 views

CVE-2019-12047

CVE-2019-12047 affects Gridea v0.8.0 with an XSS flaw that allows an attacker to trigger arbitrary code execution by invoking a Node.js module (e.g., via child_process.exec) from crafted input, demonstrated by an onerror payload. The issue is caused by insufficient input sanitization leading to ...

6.1CVSS6.2AI score0.00427EPSS
Exploits1References1Affected Software1
OSV
OSVadded 2018/06/08 1:29 a.m.6 views

CVE-2018-12047

xfind/search in Ximdex 4.0 has XSS via the filternvalue parameters for non-negative values of n, as demonstrated by n equal to 0 through 12...

6.1CVSS6.1AI score
Exploits0References1
CVE
CVEadded 2018/06/08 1:0 a.m.35 views

CVE-2018-12047

XIMDEX XSS (CVE-2018-12047) affects Ximdex 4.0, specifically the xfind/search functionality. The vulnerability is a cross-site scripting flaw triggered via the filter[n][value] parameters with non-negative n (as demonstrated for n = 0–12), enabling arbitrary script injection on the search page. T...

6.1CVSS5.9AI score0.0024EPSS
Exploits1References1Affected Software1
Circl
Circladded 2010/04/04 12:0 a.m.0 views

CVE-2010-1351

creationtimestamp| type| source ---|---|--- 2010-04-04 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/12047...

6.8CVSS5.8AI score0.00517EPSS
Exploits1References1
Rows per page
Query Builder