Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/03/06 7:53 a.m.6 views

CVE-2026-22438

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in foreverpinetree TheBi thebi allows Reflected XSS.This issue affects TheBi: from n/a through = 1.0.5...

7.1CVSS5.8AI score0.00237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.6 views

CVE-2026-22365

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Soleng soleng allows PHP Local File Inclusion.This issue affects Soleng: from n/a through = 1.0.5...

8.1CVSS5.5AI score0.00403EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.3 views

EUVD-2025-202043

Missing Authorization vulnerability in Hype Hype pico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hype: from n/a through = 1.0.5...

6.5AI score0.00311EPSS
Exploits0References2
CVE
CVE
added 2025/08/14 6:32 p.m.22 views

CVE-2025-8975

CVE-2025-8975 affects givanz Vvveb up to 1.0.5, where the slug parameter is mishandled in the file admin/template/content/edit.tpl, enabling cross-site scripting. The issue can be exploited remotely and the exploit has been disclosed publicly. A fix is available in version 1.0.6; patch hash: 84c1...

5.4CVSS6.4AI score0.00264EPSS
Exploits1References7Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/19 12:0 a.m.5 views

PT-2024-35067 · Unknown · Ekiline Block Collection

Name of the Vulnerable Software and Affected Versions: Ekiline Block Collection versions 1.0.0 through 1.0.5 Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for DOM-Based XSS attacks...

6.5CVSS6AI score0.00231EPSS
Exploits0References4
OSV
OSV
added 2024/11/01 3:15 p.m.3 views

CVE-2024-43341

Missing Authorization vulnerability in CozyThemes Hello Agency allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hello Agency: from n/a through 1.0.5...

9.8CVSS5.8AI score0.00465EPSS
Exploits0References1
OSV
OSV
added 2024/08/29 6:15 p.m.3 views

CVE-2024-43958

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Gianni Porto IntoTheDark allows Reflected XSS.This issue affects IntoTheDark: from n/a through 1.0.5...

6.1CVSS5.8AI score0.00256EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/22 12:0 a.m.6 views

PT-2023-27751 · Unknown · Juplink Rx4-1500

Name of the Vulnerable Software and Affected Versions: Juplink RX4-1500 versions V1.0.2 through V1.0.5 Description: The issue allows remote authenticated attackers to execute commands via specially crafted requests to the vulnerable endpoint "homemng.htm". This enables attackers to inject command...

8.8CVSS8.6AI score0.0174EPSS
Exploits0References6
CNVD
CNVD
added 2017/11/17 12:0 a.m.3 views

tcmu-runner null pointer backreference vulnerability

tcmu-runner is a daemon for handling user space for LIO TCM user backend storage. A security vulnerability exists in the 'onunregisterhandler' function in tcmu-runner versions 1.0.5 through 1.2.0. An attacker can exploit the vulnerability to cause a denial of service null pointer backreference...

7.5CVSS6.7AI score0.01392EPSS
Exploits0References1
Rows per page
Query Builder