Lucene search
+L

1397 matches found

ptsecurity
ptsecurity
added 2025/12/29 12:0 a.m.10 views

PT-2025-53714

Name of the Vulnerable Software and Affected Versions GreenCMS versions prior to 2.3 Description A flaw exists in GreenCMS up to version 2.3 within the File Handler component, specifically in the /DataController.class.php file. Manipulation of the sqlFiles/zipFiles argument can lead to path...

6.5CVSS6.2AI score0.00574EPSS
Exploits1References11
redhatcve
redhatcve
added 2025/12/19 7:32 a.m.4 views

CVE-2025-66116

Insertion of Sensitive Information Into Sent Data vulnerability in UserElements Ultimate Member Widgets for Elementor ultimate-member-widgets-for-elementor allows Retrieve Embedded Sensitive Data.This issue affects Ultimate Member Widgets for Elementor: from n/a through = 2.3...

7.5CVSS6.9AI score0.00238EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/12/19 7:32 a.m.3 views

CVE-2025-57897

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in venusweb Logtik logtik allows Reflected XSS.This issue affects Logtik: from n/a through = 2.3...

7.1CVSS6.4AI score0.00191EPSS
Exploits0References1
cve
cve
added 2025/12/18 7:22 a.m.10 views

CVE-2025-66116

CVE-2025-66116 relates to a Information Disclosure vulnerability in the WordPress plugin Ultimate Member Widgets for Elementor (ultimate-member-widgets-for-elementor). The issue is described as Insertion of Sensitive Information Into Sent Data, enabling retrieval of embedded sensitive data. Affec...

7.5CVSS6.5AI score0.00238EPSS
Exploits0References1
spring
spring
added 2025/12/18 12:0 a.m.20 views

Next level Kotlin support in Spring Boot 4

Following the announcement of the strategic partnership between JetBrains and Spring in May, I would like to share a global update on various Kotlin-related features and documentation enhancements we have made recently, with the goal of making Spring Boot 4 the best framework to develop backend...

7AI score
Exploits0
patchstack
patchstack
added 2025/12/12 10:9 p.m.10 views

WordPress Design Import/Export plugin <= 2.2 - Authenticated (Administrator+) SQL Injection via XML File Import vulnerability

Authenticated Administrator+ SQL Injection via XML File Import vulnerability discovered by ChamlaVic in WordPress Plugin Design Import/Export versions = 2.2...

4.9CVSS7.8AI score0.00277EPSS
Exploits0References1Affected Software1
redhatcve
redhatcve
added 2025/12/10 5:17 p.m.5 views

CVE-2022-46845

Missing Authorization vulnerability in Essential Plugin Slider a SlidersPack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slider a SlidersPack: from n/a before 2.3...

5.3CVSS6.9AI score0.00213EPSS
Exploits0References1
euvd
euvd
added 2025/12/09 6:30 p.m.5 views

EUVD-2025-201989

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Riyadh Ahmed Make Section & Column Clickable For Elementor make-section-column-clickable-elementor allows Stored XSS.This issue affects Make Section & Column Clickable For Elementor: from n/a throu...

5.5AI score0.00179EPSS
Exploits0References2
cvelist
cvelist
added 2025/12/09 4:42 p.m.25 views

CVE-2022-46845 WordPress Slider a SlidersPack plugin <= 2.0.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Essential Plugin Slider a SlidersPack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slider a SlidersPack: from n/a before 2.3...

5.3CVSS0.00213EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/12/09 12:0 a.m.5 views

WordPress plugin Make Section Column Clickable For Elementor 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that provides the ability to set up a personal blog site on a PHP and MySQL based server. A cross-site scripti...

5.9CVSS5.7AI score0.00179EPSS
Exploits0References1
nvd
nvd
added 2025/11/18 7:15 p.m.5 views

CVE-2025-63693

The comment editing template dzz/comment/template/editform.htm in DzzOffice 2.3.x lacks adequate security escaping for user-controllable data in multiple contexts, including HTML and JavaScript strings. This allows low-privilege attackers to construct comment content or request parameters and...

5.4CVSS0.00154EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2025/11/18 12:0 a.m.7 views

PT-2025-47290

Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description The commissioning wizard does not validate if the device is already initialized. This allows an unauthenticated remote attacker to construct HTTP POST requests to set or modify root credentials without...

9.8CVSS7AI score0.00589EPSS
Exploits0References7
openvas
openvas
added 2025/10/28 12:0 a.m.2 views

Ubuntu: Security Advisory (USN-7840-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.02064EPSS
Exploits1References2
cve
cve
added 2025/10/27 1:34 a.m.12 views

CVE-2025-62982

CVE-2025-62982 : WordPress plugin Dynamic User Directory (&lt;= v2.3) contains a stored XSS flaw due to improper input neutralization during page generation. Wordfence corroborates the CVE and notes the issue affects Dynamic User Directory

5.9CVSS5.6AI score0.00163EPSS
Exploits0References1
ibm
ibm
added 2025/10/21 12:44 a.m.8 views

Security Bulletin: IBM Fusion HCI is vulnerable to potential container escapes

Summary An OpenShift or Fusion administrator, or potentially an attacker who gains access to a certain Storage Fusion containers, can gain access to underlying node linux capabilities, increasing the possibility of a container escape such as CVE-2022-0185. Vulnerability Details CVEID:CVE-2022-018...

8.4CVSS6.6AI score0.25151EPSS
Exploits11Affected Software2
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-1479

Malware in sbrugna...

6.5CVSS6.1AI score0.02982EPSS
Exploits5References10
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-0731

Malware in sbrugna...

6.5CVSS6.4AI score0.00992EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-18160

Malware in sbrugna...

6.1CVSS6.3AI score0.00859EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-3830

Malware in sbrugna...

7.5CVSS6.4AI score0.0168EPSS
Exploits1References4
euvd
euvd
added 2025/10/07 12:30 a.m.3 views

EUVD-2009-3295

Malware in sbrugna...

6.5CVSS6.4AI score0.01084EPSS
Exploits0References8
Rows per page
Query Builder