Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:15 a.m.8 views

CVE-2019-12591

NETGEAR Insight Cloud with firmware before Insight 5.6 allows remote authenticated users to achieve command injection...

7.6CVSS6.9AI score0.00895EPSS
Exploits0References1
Circl
Circl
added 2024/12/21 9:42 a.m.3 views

CVE-2024-12591

creationtimestamp| type| source ---|---|--- 2024-12-21 09:42:26+00:00| seen| https://infosec.exchange/users/cve/statuses/113690158417673754 2024-12-21 10:15:30+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ldso7k43ha2i 2024-12-21 11:59:17+00:00| seen|...

6.4CVSS8.7AI score0.00331EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/12/21 9:23 a.m.7 views

CVE-2024-12591 MagicPost <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via wb_share_social Shortcode

The MagicPost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wbsharesocial shortcode in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.8AI score0.00331EPSS
Exploits0References3
CVE
CVE
added 2024/12/21 9:23 a.m.46 views

CVE-2024-12591

CVE-2024-12591 concerns the WordPress plugin MagicPost . A stored XSS vulnerability exists in the wb_share_social shortcode across versions up to 1.2.1, enabling authenticated attackers with contributor-level access or higher to inject scripts that execute in visitors’ browsers. The issue is caus...

6.4CVSS5.7AI score0.00331EPSS
Exploits0References3
NVD
NVD
added 2022/12/30 10:15 p.m.10 views

CVE-2020-12591

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...

Exploits0
OSV
OSV
added 2019/06/03 1:29 p.m.3 views

CVE-2019-12591

NETGEAR Insight Cloud with firmware before Insight 5.6 allows remote authenticated users to achieve command injection...

7.6CVSS7AI score0.00895EPSS
Exploits0References1
CVE
CVE
added 2019/06/03 12:35 p.m.51 views

CVE-2019-12591

NETGEAR Insight Cloud vulnerable before Insight 5.6. Remote authenticated users can perform command injection due to input handling during executable command construction. This is tied to NETGEAR Insight Cloud firmware prior to 5.6. The vulnerability is documented across multiple sources (NVD and...

7.6CVSS7.4AI score0.00895EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/06/20 12:0 p.m.55 views

CVE-2018-12591

The CVE-2018-12591 entry concerns Ubiquiti Networks EdgeSwitch, affected in 1.7.3 and earlier. The root cause is an improperly neutralized element in an OS command due to insufficient protection on the admin CLI, enabling code execution and privilege escalation beyond administrator rights. An att...

9CVSS7.6AI score0.01861EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/08/18 5:0 p.m.45 views

CVE-2017-12591

CVE-2017-12591 affects ASUS DSL-N10S V2.1.16_APAC. The vulnerability is a cross‑site scripting (XSS) flaw in the snmpSysName parameter, allowing reflected and stored XSS on the device. Root cause: improper handling of the snmpSysName input. Impact is described as XSS with low to medium overall se...

5.4CVSS5.5AI score0.00513EPSS
Exploits1References1Affected Software1
CVE
CVE
added 1976/01/01 12:0 a.m.40 views

CVE-2020-12591

CVE-2020-12591 entry is rejected and not used; not an active vulnerability entry.

6.8AI score
Exploits0
Rows per page
Query Builder