Lucene search
K

19 matches found

Nuclei
Nuclei
added yesterday38 views

HPE System Management - Cross-Site Scripting

HPE System Management contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other...

5.4CVSS6.5AI score0.04601EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2025/03/03 8:20 a.m.4 views

CVE-2024-12544

The SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity plugin for WordPress is vulnerable to arbitrary file deletion due to a missing capability check on the callback function of the SurveyJSDeleteFile class in all versions up to, and includin...

8.8CVSS7.7AI score0.00703EPSS
Exploits0References1
Circl
Circl
added 2025/03/01 8:27 a.m.3 views

CVE-2024-12544

creationtimestamp| type| source ---|---|--- 2025-03-01 08:27:06+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6059 2025-03-01 09:48:04+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114086542311660523 2025-03-01 10:35:34+00:00| seen|...

8.8CVSS8.7AI score0.00703EPSS
Exploits0References3
NVD
NVD
added 2025/03/01 8:15 a.m.7 views

CVE-2024-12544

The SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity plugin for WordPress is vulnerable to arbitrary file deletion due to a missing capability check on the callback function of the SurveyJSDeleteFile class in all versions up to, and includin...

8.8CVSS0.00703EPSS
Exploits0References3
CVE
CVE
added 2025/03/01 7:24 a.m.81 views

CVE-2024-12544

Summary (supported by provided docs): CVE-2024-12544 affects the SurveyJS: Drag & Drop WordPress Form Builder plugin for WordPress. The vulnerability arises from a missing capability check in the SurveyJS_DeleteFile callback, enabling an authenticated user with Subscriber-level access or higher t...

8.8CVSS7.7AI score0.00703EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/01 7:24 a.m.10 views

CVE-2024-12544 SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity <= 1.12.17 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Deletion via SurveyJS_DeleteFile

The SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity plugin for WordPress is vulnerable to arbitrary file deletion due to a missing capability check on the callback function of the SurveyJSDeleteFile class in all versions up to, and includin...

8.8CVSS0.00703EPSS
Exploits0References3
Check Point Advisories
Check Point Advisories
added 2018/11/22 12:0 a.m.6 views

HPE System Management Homepage Issue (CVE-2017-12544) - Ver2

A vulnerability exists in HPE System Management Homepage. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

3.5CVSS5.6AI score0.04601EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2018/10/18 8:14 a.m.71 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift Application Runtimes security and bug fix update

An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8CVSS6.8AI score0.02652EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2018/10/17 4:20 p.m.18 views

be.fluid-it.reactive-microservice.bundle:bootique-vertx (=0.1-8), be.fluid-it.reactive-microservice.bundle:reactive-microservice-bundle-core (=0.1-8) +762 more potentially affected by CVE-2018-12544 via io.vertx:vertx-core (>=3.5.0 <=3.5.3.CR1)

io.vertx:vertx-core MAVEN version =3.5.0, =0.4.2, =0.4.2, =0.4.2, =0.4.2, =0.4.2, =0.4.2, =0.4.2, =0.4.2, =0.4.2, =0.4.2, =0.4.2, =0.4.2, =0.4.5 and more Source cves: CVE-2018-12544 Source advisory: OSV:GHSA-QH3M-QW6V-QVHG...

9.8CVSS7.2AI score0.02172EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2018/10/11 1:19 p.m.22 views

CVE-2018-12544

In version from 3.5.Beta1 to 3.5.3 of Eclipse Vert.x, the OpenAPI XML type validator creates XML parsers without taking appropriate defense against XML attacks. This mechanism is exclusively when the developer uses the Eclipse Vert.x OpenAPI XML type validator to validate a provided schema...

9.8CVSS2.9AI score0.02172EPSS
Exploits0References2
OSV
OSV
added 2018/10/10 8:29 p.m.9 views

CVE-2018-12544

In version from 3.5.Beta1 to 3.5.3 of Eclipse Vert.x, the OpenAPI XML type validator creates XML parsers without taking appropriate defense against XML attacks. This mechanism is exclusively when the developer uses the Eclipse Vert.x OpenAPI XML type validator to validate a provided schema...

9.8CVSS6.7AI score
Exploits0References4
CVE
CVE
added 2018/10/10 8:0 p.m.87 views

CVE-2018-12544

CVE-2018-12544 affects Eclipse Vert.x OpenAPI XML type validator (versions 3.5.Beta1–3.5.3). The vulnerability stems from creating XML parsers without proper defenses against XML attacks, enabling XML External Entity (XXE) exploitation. Public references (Veracode, Red Hat advisory RHSA-2018:2946...

9.8CVSS9.3AI score0.02172EPSS
Exploits0References4Affected Software1
Check Point Advisories
Check Point Advisories
added 2018/04/15 12:0 a.m.6 views

HPE System Management Homepage Cross-site Scripting (CVE-2017-12544) - Ver2

A cross-site scripting vulnerability exists in HPE System Management Homepage. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

3.5CVSS5.4AI score0.04601EPSS
Exploits2
Packet Storm
Packet Storm
added 2018/04/13 12:0 a.m.73 views

Appear TV XC Hardware Maintenance Centre Directory Traversal

CVE-2018-7539 Directory Traversal on Appear TV Maintenance centre 8088 Discoverer: Arqiva Threat Team Person Karl W Product: Appear TV XC Hardware Maintenance Centre on port TCP/8088 Vendor : Appear TV Code Versions: All Version Vulnerability: Directory Traversal Impact: It is possible to read OS...

3.5CVSS6.2AI score0.04601EPSS
Exploits3
Packet Storm
Packet Storm
added 2018/03/01 12:0 a.m.90 views

HPE System Management 7.6.0.11 Cross Site Scripting

Product: HPE System Management Homepage Versions: 7.6.0.11 and minor versions Vulnerability: JavaScript Injection in file gsearch.php, parameter prod OWASP TOP 10: A1 Injection Type: Javascript Injection Impact: Allows an attacker to perform an XSS Cross-Site Scripting attack, execute arbitrary...

3.5CVSS5.8AI score0.04601EPSS
Exploits2
CVE
CVE
added 2018/02/15 10:0 p.m.91 views

CVE-2017-12544

CVE-2017-12544 concerns HPE System Management Homepage (SMH) prior to version 7.6.1, where a cross-site scripting (XSS) vulnerability allows an attacker to execute arbitrary script in a user’s browser (in the context of the affected site) and could enable cookie-based credential theft. The Nuclei...

5.4CVSS5.3AI score0.04601EPSS
Exploits2References3Affected Software1
OpenVAS
OpenVAS
added 2017/10/17 12:0 a.m.713 views

HP/HPE System Management Homepage (SMH) Multiple Remote Vulnerabilities (HPESBMU03753)

HP/HPE System Management Homepage SMH is prone to multiple vulnerabilities. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

7.8CVSS7.2AI score0.13252EPSS
Exploits3References3
OpenVAS
OpenVAS
added 2015/08/11 12:0 a.m.16 views

Fedora Update for community-mysql FEDORA-2015-12544

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
CVE
CVE
added 1976/01/01 12:0 a.m.41 views

CVE-2020-12544

CVE-2020-12544 entry is rejected/not used; it does not represent an active vulnerability.

6.8AI score
Exploits0
Rows per page
Query Builder