Lucene search
K

85 matches found

OSV
OSV
added 2026/06/07 7:24 p.m.5 views

MINI-M4MJ-4377-2QMW

Bulletin has no description...

6.1CVSS5.2AI score0.00178EPSS
Exploits0
Circl
Circl
added 2026/05/28 4:55 a.m.13 views

CVE-2026-4377

creationtimestamp| type| source ---|---|--- 2026-05-28 04:55:00+00:00| seen| https://cert.pl/en/posts/2026/05/CVE-2026-4377 2026-05-28 14:43:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmwb2kmmpq2p...

6CVSS5.8AI score0.00141EPSS
Exploits0References2
OSV
OSV
added 2026/05/18 1:46 p.m.10 views

MINI-27V9-4377-JVQP

Bulletin has no description...

7.5CVSS5.7AI score0.00159EPSS
Exploits0
EUVD
EUVD
added 2026/01/23 2:28 p.m.7 views

EUVD-2026-4377

Missing Authorization vulnerability in monetagwp Monetag Official Plugin monetag-official allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Monetag Official Plugin: from n/a through = 1.1.3...

5.4AI score0.00209EPSS
Exploits0References2
OSV
OSV
added 2025/12/05 12:12 p.m.3 views

ECHO-4377-3F2B-771F

Bulletin has no description...

6.4CVSS6.9AI score0.00265EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 12:46 a.m.12 views

CVE-2022-4377

A vulnerability was found in S-CMS 5.0 Build 20220328. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Contact Information Page. The manipulation of the argument Make a Call leads to cross site scripting. The attack can be launched...

5.4CVSS6.2AI score0.00365EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:50 p.m.6 views

CVE-2021-4377

The Doneren met Mollie plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.8.5 via the dmmexportdonations function which is called via the adminpostdmmexport hook due to missing capability checks. This can allow authenticated attackers to extract a CS...

6.5CVSS5.9AI score0.01041EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/11 6:17 a.m.19 views

CVE-2025-4377

Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server. This vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem. Logview is accessible on Pro Cloud Server Configuration interface. This issue affects Pr...

8.3CVSS7AI score0.00621EPSS
Exploits0References3
NVD
NVD
added 2025/05/09 6:15 a.m.15 views

CVE-2025-4377

Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server. This vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem. Logview is accessible on Pro Cloud Server Configuration interface. This issue affects Pr...

8.3CVSS0.00621EPSS
Exploits0References1
CVE
CVE
added 2025/05/09 5:12 a.m.71 views

CVE-2025-4377

Sparx Systems Pro Cloud Server is affected by CVE-2025-4377 due to an Improper Limitation of a Pathname in logview.php, enabling a Path Traversal that allows reading arbitrary files on the filesystem. The issue affects Pro Cloud Server versions earlier than 6.0.165 and is exposed via the Pro Clou...

8.3CVSS6.7AI score0.00621EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/09 5:12 a.m.32 views

CVE-2025-4377 Path traversal vulnerability in Sparx Pro Cloud Server WebEA webconfig in logview.php

Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server. This vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem. Logview is accessible on Pro Cloud Server Configuration interface. This issue affects Pr...

8.3CVSS0.00621EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/09 5:12 a.m.8 views

CVE-2025-4377 Path traversal vulnerability in Sparx Pro Cloud Server WebEA webconfig in logview.php

Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server. This vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem. Logview is accessible on Pro Cloud Server Configuration interface. This issue affects Pr...

8.3CVSS7AI score0.00621EPSS
Exploits0References1
OSV
OSV
added 2024/11/08 10:6 a.m.11 views

CGA-8V3F-VP8M-4377

Bulletin has no description...

7.5CVSS8.2AI score0.01127EPSS
Exploits0
NVD
NVD
added 2024/06/21 6:15 a.m.28 views

CVE-2024-4377

The DOP Shortcodes WordPress plugin through 1.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.1CVSS0.00315EPSS
Exploits2References1
OSV
OSV
added 2024/06/21 6:15 a.m.4 views

CVE-2024-4377

The DOP Shortcodes WordPress plugin through 1.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.00315EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/06/21 6:0 a.m.24 views

CVE-2024-4377 DOP Shortcodes <= 1.2 - Contributor+ Stored XSS via Shortcode

The DOP Shortcodes WordPress plugin through 1.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

0.00315EPSS
Exploits2References1
CVE
CVE
added 2024/06/21 6:0 a.m.57 views

CVE-2024-4377

CVE-2024-4377 affects the DOP Shortcodes WordPress plugin (versions

6.1CVSS5.5AI score0.00315EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/21 6:0 a.m.18 views

CVE-2024-4377 DOP Shortcodes <= 1.2 - Contributor+ Stored XSS via Shortcode

The DOP Shortcodes WordPress plugin through 1.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.8AI score0.00315EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/06/21 12:0 a.m.14 views

WordPress DOP Shortcodes Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS)

Software DOP Shortcodes Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4377 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 358272ad2236 Credits Bob Matyas Required privilege...

6.1CVSS5.7AI score0.00315EPSS
Exploits2References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/08/03 12:0 a.m.26 views

Oracle Linux 9 : kernel (ELSA-2023-4377)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-4377 advisory. - Fix KVM: x86/mmu: Fix race condition in directpagefault Orabug: 35673032 CVE-2022-45869 - prlimit: doprlimit needs to have a speculation check...

7.8CVSS7AI score0.01377EPSS
Exploits6References6
Rows per page
Query Builder