Lucene search
K

21 matches found

CVE
CVE
added 2026/04/06 12:0 a.m.11 views

CVE-2026-31062

CVE-2026-31062 affects UTT Aggressive 520W devices with firmware v3v1.7.7-180627. The issue is a buffer overflow in the filename parameter of the formFtpServerDirConfig function, leading to Denial of Service via crafted input. The connected sources consistently describe this as a DoS vulnerabilit...

4.5CVSS6.2AI score0.00229EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 7:39 a.m.8 views

CVE-2024-31062

Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Street input field...

6.3CVSS7.4AI score0.00824EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/18 4:3 p.m.17 views

CVE-2025-31062

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in redqteam Wishlist wishlist allows Retrieve Embedded Sensitive Data.This issue affects Wishlist: from n/a through = 2.1.0...

4.3CVSS7.2AI score0.0028EPSS
Exploits0References1
NVD
NVD
added 2025/05/16 4:15 p.m.6 views

CVE-2025-31062

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in redqteam Wishlist wishlist allows Retrieve Embedded Sensitive Data.This issue affects Wishlist: from n/a through = 2.1.0...

4.3CVSS0.0028EPSS
Exploits0References1
CVE
CVE
added 2025/05/16 3:45 p.m.22 views

CVE-2025-31062

CVE-2025-31062 (Wishlist WordPress plugin) : Affects Wishlist versions n/a–2.1.0. Described as Exposure of Sensitive System Information to an Unauthorized Control Sphere, allowing retrieval of embedded sensitive data. CVSSv3.1 base score 4.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). Exploitation det...

4.3CVSS7.2AI score0.0028EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/16 3:45 p.m.6 views

CVE-2025-31062 WordPress Wishlist plugin <= 2.1.0 - Sensitive Data Exposure Vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in redqteam Wishlist wishlist allows Retrieve Embedded Sensitive Data.This issue affects Wishlist: from n/a through = 2.1.0...

4.3CVSS7.2AI score0.0028EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/16 1:10 p.m.5 views

WordPress Wishlist plugin <= 2.1.0 - Sensitive Data Exposure Vulnerability

Sensitive Data Exposure Vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Plugin Wishlist versions = 2.1.0...

4.3CVSS8.2AI score0.0028EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/03/28 7:15 p.m.12 views

CVE-2024-31062

Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Street input field...

6.3CVSS7AI score0.00824EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/03/28 12:0 a.m.14 views

CVE-2024-31062

Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Street input field...

7.3AI score0.00824EPSS
Exploits1References3
CVE
CVE
added 2024/03/28 12:0 a.m.63 views

CVE-2024-31062

CVE-2024-31062 is a Cross Site Scripting vulnerability in the Insurance Management System, affected versions 1.0.0 and earlier. The issue allows a remote attacker to execute arbitrary code via the Street input field, indicating a client-side/script injection flaw in the Street field processing. T...

6.3CVSS7.3AI score0.00824EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/05/22 3:47 p.m.52 views

CVE-2023-31062

CVE-2023-31062 documents an Apache InLong Privilege Escalation vulnerability (affected versions 1.2.0–1.6.0). The issue arises from improper privilege management, allowing an attacker who has a valid but unprivileged account to escalate privileges by sending a login request (e.g., via Burp Suite)...

9.8CVSS9.6AI score0.01289EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/22 3:47 p.m.13 views

CVE-2023-31062 Apache InLong: Privilege escalation vulnerability for InLong

Improper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. When the attacker has access to a valid but unprivileged account, the exploit can be executed using Burp Suite by sending a login request and...

9.5AI score0.01289EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/22 3:47 p.m.33 views

CVE-2023-31062 Apache InLong: Privilege escalation vulnerability for InLong

Improper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. When the attacker has access to a valid but unprivileged account, the exploit can be executed using Burp Suite by sending a login request and...

9.8AI score0.01289EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2023/04/03 12:0 a.m.250 views

GLPI Glpiinventory 1.0.1 Local File Inclusion

ADVISORY INFORMATION Exploit Title: GLPI Glpiinventory v1.0.1 - Unauthenticated Local File Inclusion Date of found: 11 Jun 2022 Application: GLPI Glpiinventory = 1.0.1 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link:...

5.3CVSS5.6AI score0.05497EPSS
Exploits3
0day.today
0day.today
added 2023/04/03 12:0 a.m.276 views

GLPI Glpiinventory v1.0.1 - Unauthenticated Local File Inclusion Vulnerability

ADVISORY INFORMATION Exploit Title: GLPI Glpiinventory v1.0.1 - Unauthenticated Local File Inclusion Date of found: 11 Jun 2022 Application: GLPI Glpiinventory = 1.0.1 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link:...

5.3CVSS5.6AI score0.05497EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/04/03 12:0 a.m.198 views

GLPI Glpiinventory v1.0.1 - Unauthenticated Local File Inclusion

ADVISORY INFORMATION Exploit Title: GLPI Glpiinventory v1.0.1 - Unauthenticated Local File Inclusion Date of found: 11 Jun 2022 Application: GLPI Glpiinventory = 1.0.1 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link:...

5.3CVSS5.3AI score0.05497EPSS
Exploits3
Cvelist
Cvelist
added 2022/06/20 12:0 a.m.49 views

CVE-2022-31062 Unauthenticated Local File Inclusion

Impact A plugin public script can be used to read content of system files. Patches Upgrade to version 1.0.2. Workarounds b/deploy/index.php file can be deleted if deploy feature is not used...

5.3CVSS5.4AI score0.05497EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2022/06/20 12:0 a.m.6 views

CVE-2022-31062 Unauthenticated Local File Inclusion

Impact A plugin public script can be used to read content of system files. Patches Upgrade to version 1.0.2. Workarounds b/deploy/index.php file can be deleted if deploy feature is not used...

5.3CVSS5.2AI score0.05497EPSS
Exploits3References2
CVE
CVE
added 2022/06/20 12:0 a.m.85 views

CVE-2022-31062

GLPI Inventory Plugin for GLPI is affected by an unauthenticated Local File Inclusion vulnerability in versions before 1.0.2. A public script in the plugin can be used to read system files (root cause: public file/script exposed under b/deploy/index.php path). Impact is reading contents of system...

5.3CVSS5.1AI score0.05497EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2021/08/24 6:52 p.m.12 views

CVE-2021-31062

...

Exploits0
Rows per page
Query Builder