Lucene search
K

8 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/02 1:34 p.m.9 views

CVE-2026-39555

Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection. This issue affects Askka: from n/a through 1.3.1...

8.1CVSS5.8AI score0.00255EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/12 4:45 p.m.26 views

CVE-2026-28356 ReDoS in multipart 1.3.0 - `parse_options_header()`

multipart is a fast multipart/form-data parser for python. Prior to 1.2.2, 1.3.1 and 1.4.0-dev, the parseoptionsheader function in multipart.py uses a regular expression with an ambiguous alternation, which can cause exponential backtracking ReDoS when parsing maliciously crafted HTTP or multipar...

7.5CVSS0.00606EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/29 12:0 a.m.22 views

CVE-2025-69516

A Server-Side Template Injection SSTI vulnerability in the /reporting/templates/preview/ endpoint of Amidaware Tactical RMM, affecting versions equal to or earlier than v1.3.1, allows low-privileged users with Report Viewer or Report Manager permissions to achieve remote command execution on the...

0.021EPSS
Exploits4References3
CVE
CVE
added 2025/12/03 3:27 a.m.24 views

CVE-2025-13495

CVE-2025-13495 affects FluentCart A New Era of eCommerce WordPress plugin up to version 1.3.1. The vulnerability is an authenticated SQL Injection via the groupKey parameter, exploitable by Administrators with high privileges. Public advisories (Wordfence, Patchstack, NVD) confirm the issue and p...

4.9CVSS6.2AI score0.00277EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/01/02 12:0 a.m.3 views

WordPress plugin Headline Analyzer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in th...

6.5CVSS8.5AI score0.0031EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/06 12:0 a.m.4 views

PT-2024-30895 · Viala · Viala

Name of the Vulnerable Software and Affected Versions: viala versions 1.3.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS attacks. Recommendations: For versions...

7.1CVSS6AI score0.0026EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/01/14 12:0 a.m.8 views

PT-2024-15640 · Unknown · Cxbsoft Url-Shorting

Name of the Vulnerable Software and Affected Versions: CXBSoft Url-shorting versions up to 1.3.1 Description: A critical issue has been found in the processing of the file /admin/pages/update go.php of the component HTTP POST Request Handler. The manipulation of the version argument leads to SQL...

9.8CVSS7.1AI score0.00698EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/04/10 12:0 a.m.6 views

PT-2023-22210 · Apache · Apache Linkis

Name of the Vulnerable Software and Affected Versions: Apache Linkis versions 1.3.1 and earlier Description: The issue arises because parameters are not effectively filtered in Apache Linkis, allowing an attacker to use the MySQL data source and malicious parameters to configure a new data source...

9.8CVSS7.8AI score0.0212EPSS
Exploits0References8
Rows per page
Query Builder