CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

RedhatCVE•added 2026/01/09 8:42 a.m.•6 views

CVE-2022-31089

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In affected versions certain types of invalid files requests are not handled properly and can crash the server. If you are running multiple Parse Server instances in a cluster, the availability...

7.5CVSS6.6AI score0.00334EPSS

Exploits0References1

Circl•added 2025/04/01 11:48 p.m.•2 views

CVE-2025-31089

creationtimestamp| type| source ---|---|--- 2025-04-01 23:48:36+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114265379011567967 2025-04-02 00:46:12+00:00| seen| https://bsky.app/profile/redteamnews.bsky.social/post/3lls5xhhhhb23 2025-04-02 14:34:11+00:00|...

8.5CVSS8.7AI score0.00168EPSS

Exploits0References3

NVD•added 2025/04/01 9:15 p.m.•4 views

CVE-2025-31089

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Fahad Mahmood Order Splitter for WooCommerce woo-order-splitter allows SQL Injection.This issue affects Order Splitter for WooCommerce: from n/a through = 5.3.0...

8.5CVSS0.00168EPSS

Exploits0References1

Patchstack•added 2025/04/01 4:43 p.m.•4 views

WordPress Order Splitter for WooCommerce plugin <= 5.3.0 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by LVT-tholv2k in WordPress Plugin Order Splitter for WooCommerce versions = 5.3.0...

8.5CVSS8.8AI score0.00168EPSS

Exploits0Affected Software1

Vulnrichment•added 2024/03/31 7:30 p.m.•11 views

CVE-2024-31089 WordPress Platinum SEO plugin <= 2.4.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Techblissonline.Com Rajesh Platinum SEO allows Stored XSS.This issue affects Platinum SEO: from n/a through 2.4.0...

5.9CVSS6.7AI score0.00062EPSS

Exploits0References1

Cvelist•added 2024/03/31 7:30 p.m.•13 views

CVE-2024-31089 WordPress Platinum SEO plugin <= 2.4.0 - Cross Site Scripting (XSS) vulnerability

5.9CVSS5.9AI score0.00062EPSS

Exploits0References1

CVE•added 2024/03/31 7:30 p.m.•51 views

CVE-2024-31089

CVE-2024-31089 is a stored Cross-Site Scripting (XSS) vulnerability reported in the Platinum SEO WordPress plugin (Techblissonline) affecting versions from 1.0 up to and including 2.4.0, per the initial description and Red Hat Security entry. The issue is described as improper neutralization of i...

5.9CVSS8.6AI score0.00062EPSS

Exploits0References1

NVD•added 2023/11/18 11:15 p.m.•9 views

CVE-2023-31089

Cross-Site Request Forgery CSRF vulnerability in Tradebooster Video XML Sitemap Generator.This issue affects Video XML Sitemap Generator: from n/a through 1.0.0...

8.8CVSS0.00128EPSS

Exploits0References1

CVE•added 2023/11/18 10:38 p.m.•48 views

CVE-2023-31089

CVE-2023-31089 concerns the WordPress plugin Video XML Sitemap Generator (Tradebooster)

8.8CVSS8.5AI score0.00128EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/11/18 10:38 p.m.•12 views

CVE-2023-31089 WordPress Video XML Sitemap Generator Plugin <= 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Tradebooster Video XML Sitemap Generator.This issue affects Video XML Sitemap Generator: from n/a through 1.0.0...

4.3CVSS8.9AI score0.00128EPSS

Exploits0References1

Patchstack•added 2023/04/24 12:0 a.m.•7 views

WordPress Video XML Sitemap Generator Plugin <= 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Video XML Sitemap Generator Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-31089 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 6aa1b47a308e Credits Mika...

8.8CVSS7AI score0.00128EPSS

Exploits0References1Affected Software1

Circl•added 2022/06/28 12:35 a.m.•1 views

CVE-2022-31089

creationtimestamp| type| source ---|---|--- 2022-06-28 00:35:18+00:00| seen| https://t.me/cibsecurity/45239...

7.5CVSS7.3AI score0.00334EPSS

Exploits0References1

Vulnrichment•added 2022/06/27 9:10 p.m.•5 views

CVE-2022-31089 Invalid file request can crashe parse-server

7.5CVSS7.5AI score0.00334EPSS

Exploits0References2

CVE•added 2022/06/27 9:10 p.m.•94 views

CVE-2022-31089

CVE-2022-31089 affects Parse Server (Node.js backend). The vulnerability arises from improper handling of certain invalid file requests, which can crash the server. Impact: availability can be high for a single instance, lower for clustered setups. The issue has been fixed in versions 4.10.12 and...

7.5CVSS7.4AI score0.00334EPSS

Exploits0References2Affected Software1

vulnersOsv•added 2022/06/20 10:25 p.m.•1 views

@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @peterpme/parse-server-mailgun (>=2.4.8 <=2.5.11) +19 more potentially affected by CVE-2022-31089 via parse-server (>=2.0.8 <=3.10.0)

parse-server NPM version =2.0.8, =1.0.5, =2.4.8, =1.0.0, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.0, =1.0.0, =1.0.0, =1.4.0 and more Source cves: CVE-2022-31089 Source advisory: OSV:GHSA-XW6G-JJVF-WWF9...

7.5CVSS7.1AI score0.00334EPSS

Exploits0

Cvelist•added 2021/08/24 6:53 p.m.•8 views

CVE-2021-31089

...

Exploits0

CVE•added 2021/08/24 6:53 p.m.•31 views

CVE-2021-31089

CVE-2021-31089 entry is rejected/not used and does not represent an active vulnerability entry.

7.4AI score

Exploits0

Rows per page