Lucene search
+L

369 matches found

Vulnrichment
Vulnrichment
added 2026/01/22 4:52 p.m.2 views

CVE-2026-22402 WordPress Triply theme <= 2.4.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in pavothemes Triply triply allows PHP Local File Inclusion.This issue affects Triply: from n/a through = 2.4.7...

7.5CVSS5.9AI score0.0037EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:52 p.m.2 views

CVE-2026-22402

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in pavothemes Triply triply allows PHP Local File Inclusion.This issue affects Triply: from n/a through = 2.4.7...

7.5CVSS5.4AI score0.0037EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/22 4:52 p.m.20 views

CVE-2026-22402 WordPress Triply theme <= 2.4.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in pavothemes Triply triply allows PHP Local File Inclusion.This issue affects Triply: from n/a through = 2.4.7...

7.5CVSS0.0037EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 7 : cups-1.6.3-52.0.1.el7.AXS7 (AXSA:2024-8620:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8620:07 advisory. CVE-2023-4504: scanps: check for null terminator after backslash character CVEs: CVE-2023-4504 Due to failure in validating the length provided by an...

7CVSS6.2AI score0.00663EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.3 views

MiracleLinux 3 : freetype-2.2.1-28.1.0.2.AXS3 (AXSA:2011-339:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-339:01 advisory. The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments...

9.3CVSS6.2AI score0.06646EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:48 a.m.14 views

CVE-2022-27238

BigBlueButton version 2.4.7 or earlier is vulnerable to stored Cross-Site Scripting XSS in the private chat functionality. A threat actor could inject JavaScript payload in his/her username. The payload gets executed in the browser of the victim each time the attacker sends a private message to t...

5.4CVSS5.5AI score0.00428EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/30 5:41 a.m.6 views

WordPress JetBlog plugin <= 2.4.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Bonds in WordPress Plugin JetBlog versions = 2.4.7...

6.5CVSS7AI score0.00269EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/12/30 12:32 a.m.4 views

EUVD-2025-205654

Missing Authorization vulnerability in Crocoblock JetBlog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetBlog: from n/a through 2.4.7...

6.5CVSS6.5AI score0.00269EPSS
Exploits0References2
CVE
CVE
added 2025/12/29 9:15 p.m.21 views

CVE-2025-68503

Technical details about CVE-2025-68503 (JetBlog missing authorization) are not publicly provided in the supplied documents. Monitor for updates and official advisories.

6.5CVSS5.9AI score0.00269EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/29 9:15 p.m.29 views

CVE-2025-68503 WordPress JetBlog plugin <= 2.4.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Crocoblock JetBlog jet-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetBlog: from n/a through = 2.4.7...

6.5CVSS0.00269EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/29 12:0 a.m.11 views

PT-2025-53795

Name of the Vulnerable Software and Affected Versions Crocoblock JetBlog versions through 2.4.7 Description An authorization issue exists in Crocoblock JetBlog, allowing exploitation of incorrectly configured access control security levels. This can lead to unauthorized access. Recommendations...

6.5CVSS6.6AI score0.00269EPSS
Exploits0References4
OSV
OSV
added 2025/12/05 11:15 a.m.8 views

AZL-71528 CVE-2025-66200 affecting package httpd for versions less than 2.4.66-1

moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65. Users are...

5.4CVSS5.7AI score0.00591EPSS
Exploits0References1
Fedora
Fedora
added 2025/12/05 2:42 a.m.8 views

[SECURITY] Fedora 42 Update: fcgi-2.4.7-1.fc42

FastCGI is a language independent, scalable, open extension to CGI that provides high performance without the limitations of server specific APIs...

9.3CVSS6.9AI score0.00566EPSS
Exploits0
Fedora
Fedora
added 2025/12/05 2:22 a.m.11 views

[SECURITY] Fedora 41 Update: fcgi-2.4.7-1.fc41

FastCGI is a language independent, scalable, open extension to CGI that provides high performance without the limitations of server specific APIs...

9.3CVSS6.9AI score0.00566EPSS
Exploits0
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.3 views

Apache HTTP Server 安全漏洞

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A code execution vulnerability exists in Apache HTTP Server versions 2.4.7 through 2.4.65, which can be exploited by an attacker t...

5.4CVSS7.1AI score0.00591EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/05 12:0 a.m.6 views

Fedora 42 : fcgi (2025-d7c1457e7e)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-d7c1457e7e advisory. 2.4.7 release, fixes CVE-2025-23016 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...

9.3CVSS8.1AI score0.00566EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/12/04 12:0 a.m.2 views

Apache HTTP Server 2.4.7 - 2.4.65 Authentication Bypass Vulnerability - Linux

Apache HTTP Server is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.4CVSS7AI score0.00591EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/29 12:0 a.m.5 views

Retro 跨站脚本漏洞

Retro is an online platform for displaying vintage style items by the individual developer Lakshmi Pavananjali. A cross-site scripting vulnerability exists in Retro versions prior to 2.4.7, which stems from the input processing component being susceptible to cross-site scripting attacks...

6.1CVSS6AI score0.00167EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/11/09 3:28 a.m.6 views

WordPress Restaurant Menu by MotoPress plugin <= 2.4.7 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by daroo in WordPress Plugin Restaurant Menu by MotoPress versions = 2.4.7...

6.5CVSS7AI score0.00293EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/08 12:0 a.m.5 views

PT-2025-45546

Name of the Vulnerable Software and Affected Versions WP2Social Auto Publish versions through 2.4.7 Description The WP2Social Auto Publish plugin for WordPress is susceptible to Reflected Cross-Site Scripting via PostMessage due to inadequate input sanitization and output escaping. This allows...

6.1CVSS5.9AI score0.00201EPSS
Exploits0References5
Rows per page
Query Builder