Lucene search
K

10 matches found

Circl
Circl
added 2025/12/14 7:3 a.m.5 views

CVE-2025-12696

creationtimestamp| type| source ---|---|--- 2025-12-14 07:03:39+00:00| seen| https://infosec.exchange/users/offseq/statuses/115716641088388737 2025-12-15 08:50:48+00:00| seen| https://gist.github.com/Darkcrai86/2828734cda9ac44bdac5a22dde4d38bd...

5.3CVSS5.3AI score0.00117EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/18 7:5 a.m.5 views

CVE-2024-12696 Picture Gallery – Frontend Image Uploads, AJAX Photo List <= 1.5.22 - Authenticated (Contributor+) Stored Cross-Site Scripting via videowhisper_picture_upload_guest Shortcode

The Picture Gallery – Frontend Image Uploads, AJAX Photo List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's videowhisperpictureuploadguest shortcode in all versions up to, and including, 1.5.22 due to insufficient input sanitization and output escaping on user...

6.4CVSS5.8AI score0.00398EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/01/18 7:5 a.m.12 views

CVE-2024-12696 Picture Gallery – Frontend Image Uploads, AJAX Photo List <= 1.5.22 - Authenticated (Contributor+) Stored Cross-Site Scripting via videowhisper_picture_upload_guest Shortcode

The Picture Gallery – Frontend Image Uploads, AJAX Photo List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's videowhisperpictureuploadguest shortcode in all versions up to, and including, 1.5.22 due to insufficient input sanitization and output escaping on user...

6.4CVSS0.00398EPSS
Exploits0References3
CVE
CVE
added 2025/01/18 7:5 a.m.43 views

CVE-2024-12696

CVE-2024-12696 pertains to the WordPress plugin “Picture Gallery – Frontend Image Uploads, AJAX Photo List” and enables Stored XSS via the videowhisper_picture_upload_guest shortcode. It affects all versions up to 1.5.22 due to insufficient input sanitization/output escaping on user attributes. E...

6.4CVSS5.8AI score0.00398EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/03/19 12:27 a.m.59 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a...

7.8CVSS6.7AI score0.00613EPSS
Exploits0References12
CVE
CVE
added 2020/05/07 4:39 a.m.77 views

CVE-2020-12696

CVE-2020-12696 affects the WordPress iframe plugin (versions before 4.5). The issue is that the plugin does not sanitize user-supplied URLs in the iframe, enabling a potential cross-site scripting (XSS) vector. Multiple sources cite this as an authenticated stored XSS vulnerability, with remediat...

6.1CVSS6.2AI score0.02006EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2019/10/02 7:6 p.m.43 views

CVE-2019-12696

Cisco Firepower System Software Detection Engine contains bypass vulnerabilities that allow an unauthenticated, remote attacker to bypass Malware and File Policies for RTF and RAR file types. The issue is addressed by Cisco in a security advisory with software updates; apply the relevant firmware...

7.5CVSS6.7AI score0.01455EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/06/23 6:0 p.m.33 views

CVE-2018-12696

mao10cms 6 is affected by a cross-site scripting (XSS) vulnerability in the article page. The CVE entry for CVE-2018-12696, corroborated by CNVD-2018-12115 and other sources, states that an XSS flaw exists in mao10cms version 6, enabling arbitrary script/HTML injection via the article page. The r...

6.1CVSS5.9AI score0.00705EPSS
Exploits0References2Affected Software1
exploitpack
exploitpack
added 2014/12/27 12:0 a.m.57 views

WHM.AutoPilot 2.4.6.5 - Multiple Vulnerabilities

WHM.AutoPilot 2.4.6.5 - Multiple Vulnerabilities WHM.AutoPilot Multiple Vulnerabilities Vendor: Benchmark Designs, LLC Product: WHM.AutoPilot Version: = 2.4.6.5 Website: http://www.whmautopilot.com/ BID: 12119 CVE: CVE-2004-1420 CVE-2004-1421 CVE-2004-1422 OSVDB: 12693 12694 12695 12696 12697...

7.5CVSS0.3AI score0.07888EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2011/04/07 12:0 a.m.24 views

SuSE9 Security Update : dhcpcd (YOU Patch Number 12696)

A rogue DHCP server could instruct clients to use a host name that contains shell meta characters. Since many scripts in the system do not expect unusal characters in the system's host name the DHCP client needs to sanitize the host name offered by the server. CVE-2011-0996 %NASLMINLEVEL 70300 C...

7.5CVSS6.4AI score0.84292EPSS
Exploits6References4
Rows per page
Query Builder