Lucene search
+L

891 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.4 views

MiracleLinux 3 : newt-0.52.2-13AXS3 (AXSA:2009-404:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-404:02 advisory. Newt is a programming library for color text mode, widget based user interfaces. Newt can be used to add stacked windows, entry widgets, checkboxes, radio...

4.6CVSS7.3AI score0.00497EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:34 a.m.9 views

CVE-2019-7915

A denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Under certain conditions, an unauthenticated attacker could force the Magento store's full page cache to serve a 404 page to customers...

7.5CVSS6.7AI score0.01175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/23 9:45 a.m.8 views

CVE-2025-62880

Cross-Site Request Forgery CSRF vulnerability in Kunal Custom 404 Pro custom-404-pro allows Cross Site Request Forgery.This issue affects Custom 404 Pro: from n/a through = 3.12.0...

4.3CVSS5.9AI score0.001EPSS
Exploits0References1
NVD
NVD
added 2025/12/22 10:16 a.m.6 views

CVE-2025-62880

Cross-Site Request Forgery CSRF vulnerability in Kunal Custom 404 Pro custom-404-pro allows Cross Site Request Forgery.This issue affects Custom 404 Pro: from n/a through = 3.12.0...

4.3CVSS0.001EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/22 9:31 a.m.5 views

EUVD-2025-204706

Cross-Site Request Forgery CSRF vulnerability in Kunal Nagar Custom 404 Pro allows Cross Site Request Forgery.This issue affects Custom 404 Pro: from n/a through 3.12.0...

4.3CVSS6.3AI score0.001EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/22 9:31 a.m.4 views

CVE-2025-62880 WordPress Custom 404 Pro plugin <= 3.12.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Kunal Custom 404 Pro custom-404-pro allows Cross Site Request Forgery.This issue affects Custom 404 Pro: from n/a through = 3.12.0...

4.3CVSS5.1AI score0.001EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/22 9:31 a.m.35 views

CVE-2025-62880 WordPress Custom 404 Pro plugin <= 3.12.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Kunal Custom 404 Pro custom-404-pro allows Cross Site Request Forgery.This issue affects Custom 404 Pro: from n/a through = 3.12.0...

4.3CVSS0.001EPSS
Exploits0References1
CVE
CVE
added 2025/12/22 9:31 a.m.13 views

CVE-2025-62880

CVE-2025-62880 concerns a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Custom 404 Pro (versions up to and including 3.12.0). The CVE documents indicate the vulnerability affects Custom 404 Pro and can enable unauthorized actions on behalf of authenticated users due to C...

4.3CVSS5.9AI score0.001EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/22 12:0 a.m.22 views

WordPress plugin Custom 404 Pro 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

4.3CVSS6.6AI score0.001EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/22 12:0 a.m.9 views

PT-2025-52640

Name of the Vulnerable Software and Affected Versions Custom 404 Pro versions through 3.12.0 Description A Cross-Site Request Forgery issue exists in Kunal Nagar Custom 404 Pro. This allows attackers to perform actions on behalf of authenticated users. The issue affects Custom 404 Pro WordPress...

4.3CVSS6.5AI score0.001EPSS
Exploits0References6
NVD
NVD
added 2025/12/13 4:16 p.m.5 views

CVE-2025-14477

The 404 Solution plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 3.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This is due to improper sanitization of the filterText paramet...

4.9CVSS0.00314EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/03 3:59 p.m.5 views

Malicious code in elf-stats-sugarplum-star-404 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af58caae8c9aabd3fde2e959bd640de9a2ce156fef007eb07c76d62a6a25d1fd The package elf-stats-sugarplum-star-404 was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/12/03 3:59 p.m.2 views

MAL-2025-192173 Malicious code in elf-stats-sugarplum-star-404 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af58caae8c9aabd3fde2e959bd640de9a2ce156fef007eb07c76d62a6a25d1fd The package elf-stats-sugarplum-star-404 was found to contain malicious code...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/10/31 3:30 p.m.6 views

EUVD-2024-55061

Nagios XI versions prior to 2024R1.1 is vulnerable to a cross-site scripting XSS when a user visits the "missing page" 404 page after following a link from another website. The vulnerable component, page-missing.php, fails to properly validate or escape user-supplied input, allowing an attacker t...

5.1CVSS5.5AI score0.00535EPSS
Exploits0References4
OSV
OSV
added 2025/10/31 1:15 p.m.7 views

CVE-2024-13992

Nagios XI versions prior to 2024R1.1 is vulnerable to a cross-site scripting XSS when a user visits the "missing page" 404 page after following a link from another website. The vulnerable component, page-missing.php, fails to properly validate or escape user-supplied input, allowing an attacker t...

5.4CVSS5.7AI score0.00535EPSS
Exploits0References3
NVD
NVD
added 2025/10/31 1:15 p.m.6 views

CVE-2024-13992

Nagios XI versions prior to 2024R1.1 is vulnerable to a cross-site scripting XSS when a user visits the "missing page" 404 page after following a link from another website. The vulnerable component, page-missing.php, fails to properly validate or escape user-supplied input, allowing an attacker t...

5.4CVSS0.00535EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/31 12:35 p.m.19 views

CVE-2024-13992 Nagios XI < 2024R1.1 XSS via Missing Page / 404

Nagios XI versions prior to 2024R1.1 is vulnerable to a cross-site scripting XSS when a user visits the "missing page" 404 page after following a link from another website. The vulnerable component, page-missing.php, fails to properly validate or escape user-supplied input, allowing an attacker t...

5.1CVSS0.00535EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/31 12:35 p.m.6 views

CVE-2024-13992 Nagios XI < 2024R1.1 XSS via Missing Page / 404

Nagios XI versions prior to 2024R1.1 is vulnerable to a cross-site scripting XSS when a user visits the "missing page" 404 page after following a link from another website. The vulnerable component, page-missing.php, fails to properly validate or escape user-supplied input, allowing an attacker t...

5.1CVSS5.5AI score0.00535EPSS
Exploits0References3
NVD
NVD
added 2025/10/27 7:16 p.m.6 views

CVE-2025-53533

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface versions 6.2.1 and earlier are vulnerable to reflected cross-site scripting XSS via a malformed URL path. The 404 error page includes t...

6.1CVSS0.00564EPSS
Exploits2References1
CVE
CVE
added 2025/10/27 7:6 p.m.44 views

CVE-2025-53533

CVE-2025-53533 affects Pi-hole Admin Interface ≤ 6.2.1. It is a reflected XSS in the 404 page caused by including the requested path in the body tag’s class attribute without proper sanitization, enabling an attacker to craft a link with an onload attribute that executes arbitrary JavaScript in a...

6.1CVSS5.8AI score0.00564EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder