Lucene search
K

86 matches found

OSV
OSV
added 2026/06/07 7:24 p.m.7 views

MINI-F843-WVGM-2744

Bulletin has no description...

9.1CVSS5.2AI score0.0036EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/07 9:19 a.m.6 views

CVE-2024-2744

The NextGEN Gallery WordPress plugin before 3.59.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.3CVSS6AI score0.0039EPSS
Exploits2References1
OSV
OSV
added 2025/08/10 8:42 a.m.3 views

MINI-M3C8-2744-QG2H

Bulletin has no description...

5.8CVSS7.2AI score0.02286EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2025/08/08 12:41 p.m.4 views

Security update for sqlite3

This update for sqlite3 fixes the following issues: Update to version 3.50.2 CVE-2025-6965: Fixed an integer truncation to avoid assertion faults. bsc1246597 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7.7CVSS7.9AI score0.73495EPSS
Exploits3References4
RedhatCVE
RedhatCVE
added 2025/05/23 1:48 a.m.13 views

CVE-2023-2744

The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the type parameter in the erp/v1/accounting/v1/people REST API endpoint before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

7.2CVSS7.3AI score0.02632EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:54 p.m.5 views

CVE-2022-2744

A vulnerability, which was classified as critical, has been found in SourceCodester Gym Management System. Affected by this issue is some unknown functionality of the file /admin/addexercises.php of the component Background Management. The manipulation of the argument exerimg leads to unrestricte...

9.8CVSS7AI score0.00519EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:25 p.m.7 views

CVE-2020-2744

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain component: Security. Supported versions that are affected are 6.3.7, 6.4.2 and 6.4.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Transportati...

5.4CVSS6AI score0.0074EPSS
Exploits0
Circl
Circl
added 2025/03/25 7:23 a.m.6 views

CVE-2025-2744

creationtimestamp| type| source ---|---|--- 2025-03-25 07:23:57+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8621 2025-03-25 09:27:25+00:00| seen| https://t.me/cvedetector/21051...

5.5CVSS5.4AI score0.00651EPSS
Exploits1References2
NVD
NVD
added 2025/03/25 7:15 a.m.28 views

CVE-2025-2744

A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected is an unknown function of the file /admin-api/mp/material/upload-news-image of the component Material Upload Interface. The manipulation of the argument File leads to path traversal. It is...

5.5CVSS0.00651EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/03/25 7:0 a.m.4 views

CVE-2025-2744 zhijiantianya ruoyi-vue-pro Material Upload Interface upload-news-image path traversal

A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected is an unknown function of the file /admin-api/mp/material/upload-news-image of the component Material Upload Interface. The manipulation of the argument File leads to path traversal. It is...

5.5CVSS5.5AI score0.00651EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/03/25 7:0 a.m.26 views

CVE-2025-2744 zhijiantianya ruoyi-vue-pro Material Upload Interface upload-news-image path traversal

A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected is an unknown function of the file /admin-api/mp/material/upload-news-image of the component Material Upload Interface. The manipulation of the argument File leads to path traversal. It is...

5.5CVSS0.00651EPSS
Exploits1References4
NVD
NVD
added 2024/05/17 6:15 a.m.19 views

CVE-2024-2744

The NextGEN Gallery WordPress plugin before 3.59.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.3CVSS5.7AI score0.0039EPSS
Exploits2References1
CVE
CVE
added 2024/05/17 6:0 a.m.75 views

CVE-2024-2744

The CVE refers to NextGEN Gallery WordPress plugin prior to 3.59.1. It allows stored XSS because some settings aren’t sanitized/escaped, enabling high-privilege users (e.g., admins) to execute scripts after interaction. CVSSv3.1 base score 4.3 (Medium) with AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L. Re...

4.3CVSS5.9AI score0.0039EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2024/05/17 6:0 a.m.21 views

CVE-2024-2744 Nextgen Gallery < 3.59.1 - Admin+ Stored XSS

The NextGEN Gallery WordPress plugin before 3.59.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

5.6AI score0.0039EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/05/17 12:0 a.m.10 views

WordPress NextGEN Gallery Plugin < 3.59.1 is vulnerable to Cross Site Scripting (XSS)

Software NextGEN Gallery Type Plugin Vulnerable versions 3.59.1 Fixed in 3.59.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2744 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 59c77919ffbb Credits Dmitrii Ignatyev Require...

5.7AI score0.0039EPSS
Exploits2References4Affected Software1
Circl
Circl
added 2023/12/31 7:29 a.m.6 views

CVE-2023-2744

creationtimestamp| type| source ---|---|--- 2023-12-31 07:29:21+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/6345 2024-01-01 05:59:02+00:00| seen| https://t.me/arpsyndicate/2301 2024-01-01 18:14:00+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/9698...

7.2CVSS6.9AI score0.02632EPSS
Exploits5References4
GithubExploit
GithubExploit
added 2023/12/31 7:27 a.m.477 views

Exploit for CVE-2023-2744

Exploit Title: WP Plugins WP ERP = 1.12.2 - SQL Injection D...

7.2CVSS8.2AI score0.02632EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/10/16 12:0 a.m.318 views

WordPress WP ERP 1.12.2 SQL Injection

Exploit Title: WP Plugins WP ERP = 1.12.2 - SQL Injection Date: 15-10-2023 Exploit Author: Arvandy Software Link: https://wordpress.org/plugins/erp/ Vendor Homepage: https://wperp.com/ Version: 1.12.2 Tested on: Windows, Linux CVE: CVE-2023-2744 Product Description WP ERP is the first full-fledge...

7.2CVSS7.1AI score0.02632EPSS
Exploits5
0day.today
0day.today
added 2023/10/16 12:0 a.m.424 views

WordPress WP ERP 1.12.2 SQL Injection Vulnerability

Exploit Title: WP Plugins WP ERP = 1.12.2 - SQL Injection Exploit Author: Arvandy Software Link: https://wordpress.org/plugins/erp/ Vendor Homepage: https://wperp.com/ Version: 1.12.2 Tested on: Windows, Linux CVE: CVE-2023-2744 Product Description WP ERP is the first full-fledged ERP Enterprise...

7.2CVSS7.1AI score0.02632EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2023/07/01 12:0 a.m.4 views

openSUSE 15 Security Update : rekor (SUSE-SU-2023:2744-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2023:2744-1 advisory. - rebuild the package with the go 1.20 security release bsc1206346. Tenable has extracted the preceding description block directly from the SUSE security...

5.9AI score
Exploits0References2
Rows per page
Query Builder