11 matches found

Patchstack
added 2026/03/06 8:50 a.m. · 5 views

WordPress VegaDays theme <= 1.2.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) in WordPress Theme VegaDays versions <= 1.2.0...

AI score 5.8 · EPSS 0.00519
Exploits 0 · Affected Software 1

Patchstack
added 2025/12/12 8:22 a.m. · 8 views

WordPress VikRentItems Flexible Rental Management System plugin <= 1.2.0 - Reflected Cross-Site Scripting via 'delto' Parameter vulnerability

Reflected Cross-Site Scripting via 'delto' Parameter vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin VikRentItems Flexible Rental Management System versions <= 1.2.0...

CVSS 6.1 · AI score 6.1 · EPSS 0.00211
Exploits 0 · References 1 · Affected Software 1

OSV
added 2025/08/22 4:49 p.m. · 5 views

GHSA-GCQF-PXGG-GW8Q Dpanel has an arbitrary file read vulnerability

Summary: Dpanel has an arbitrary file read vulnerability in the /api/app/compose/get-from-uri interface. Logged in to Dpanel, this interface can be used to read arbitrary files. Details: When a user logs into the administrative backend, this interface can read any files on the host/server given the...

CVSS 6.1 · AI score 6.8 · EPSS 0.00434
Exploits 0 · References 4

CVE
added 2025/08/22 3:18 p.m. · 23 views

CVE-2025-53363

Summary: Dpanel (Go) versions 1.2.0–1.7.2 are affected by an arbitrary file read vulnerability in /api/app/compose/get-from-uri. The GetFromUri function passes the user-provided uri directly to os.ReadFile, enabling an authenticated user to read arbitrary files on the host and disclose sensitive ...

CVSS 6.1 · AI score 5.8 · EPSS 0.00434
Exploits 0 · References 1

RedhatCVE
added 2025/08/16 11:25 a.m. · 5 views

CVE-2025-54694

Cross-Site Request Forgery (CSRF) vulnerability in bPlugins Button Block button-block allows Cross Site Request Forgery. This issue affects Button Block: from n/a through = 1.2.0...

CVSS 4.3 · AI score 5.9 · EPSS 0.00135
Exploits 0 · References 1

Positive Technologies
added 2024/12/18 12:0 a.m. · 4 views

PT-2024-36790

Name of the Vulnerable Software and Affected Versions: pyrage versions 1.2.0 through 1.2.2. Description: The issue concerns the execution of arbitrary binaries due to malicious plugin names, recipients, or identities. This can occur when a plugin name containing a path separator is provided to the a...

CVSS 9.8 · AI score 6 · EPSS 0.00472
Exploits 0 · References 28

Positive Technologies
added 2024/03/25 12:0 a.m. · 6 views

PT-2024-20651 · Openeuler · Aops-Zeus +1

Name of the Vulnerable Software and Affected Versions: openEuler aops-zeus versions 1.2.0 through 1.4.0. Description: The issue is related to an Improper Neutralization of Special Elements used in an OS Command, also known as 'OS Command Injection', which allows Command Injection. This problem is...

CVSS 7.2 · AI score 7 · EPSS 0.01689
Exploits 0 · References 10

vulnersOsv
added 2022/05/14 3:13 a.m. · 3 views

br.com.ingenieux.jenkins.plugins:codecommit-url-helper (=0.0.1), com.amcbridge:build-configurator (>=1.0.5.0 <=1.0.6.1) +91 more potentially affected by CVE-2018-1000182 via org.jenkins-ci.plugins:git (>=1.2.0 <=3.9.0)

org.jenkins-ci.plugins:git MAVEN version =1.2.0, =1.0.5.0, =1.1.0, =1.9.2-beta, =1.9, =4.0.9, =1.1.0, =1.0.0, =1.0.1, =1.1.3, =1.7.2, =1.1.0, =1.0.0, =1.0.22, =1.0.57 and more Source cves: CVE-2018-1000182 Source advisory: OSV:GHSA-53WF-VQF9-CGF2...

CVSS 6.4 · AI score 6.7 · EPSS 0.00809
Exploits 0

vulnersOsv
added 2021/03/05 5:36 p.m. · 4 views

@apollosproject/apollos-cli (>=2.43.1 <=3.0.0-canary.57), @apollosproject/react-native-make (>=3.0.4 <=3.0.5) +22 more potentially affected by CVE-2021-29060 via color-string (>=1.2.0 <=1.5.3)

color-string NPM version =1.2.0, =2.43.1, =3.0.4, =3.0.2, =1.0.0, =2.1.2, =3.0.1, =2.4.0, =3.2.4, =0.0.0-alpha.1, =0.0.0, =0.0.0, =0.0.0, =0.0.3, =0.0.0, =0.0.7 and more Source cves: CVE-2021-29060 Source advisory: SNYK:JS-COLORSTRING-1082939...

CVSS 5.3 · AI score 6.7 · EPSS 0.03134
Exploits 1

CNVD
added 2018/08/02 12:0 a.m. · 4 views

Apache Tomcat Native Authentication Vulnerability (CNVD-2018-15547)

Apache Tomcat is a lightweight web application server from the Apache Software Foundation (United States), developed under the Jakarta project; it is mainly used for the development and debugging of JSP programs for small and medium-sized systems. Apache Tomcat Native is a support for the use of native...

CVSS 7.4 · AI score 7.5 · EPSS 0.04199
Exploits 0 · References 1

Positive Technologies
added 2017/09/09 12:0 a.m. · 2 views

PT-2017-3183 · Bchunk +1

Name of the Vulnerable Software and Affected Versions: bchunk versions 1.2.0 through 1.2.1 Description: The issue is related to pointer dereference errors. It can be exploited by a remote attacker using a specially crafted .cue file, potentially causing the application to crash. The problem arise...

CVSS 5.5 · AI score 5.7 · EPSS 0.01
Exploits 0 · References 30