Lucene search
K

89 matches found

Vulnrichment
Vulnrichment
added 2025/08/19 3:32 p.m.3 views

CVE-2025-9145 Scada-LTS SVG File view_edit.shtm cross site scripting

A security vulnerability has been detected in Scada-LTS 2.7.8.1. This issue affects some unknown processing of the file viewedit.shtm of the component SVG File Handler. Such manipulation of the argument backgroundImageMP leads to cross site scripting. The attack can be launched remotely. The...

5.1CVSS6.5AI score0.00256EPSS
Exploits1References5
OSV
OSV
added 2025/08/19 3:32 p.m.6 views

CVE-2025-9145 Scada-LTS SVG File view_edit.shtm cross site scripting

A security vulnerability has been detected in Scada-LTS 2.7.8.1. This issue affects some unknown processing of the file viewedit.shtm of the component SVG File Handler. Such manipulation of the argument backgroundImageMP leads to cross site scripting. The attack can be launched remotely. The...

5.1CVSS4.1AI score0.00256EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/08/19 12:0 a.m.3 views

Scada-LTS 代码注入漏洞

Scada-LTS is an open source, web-based, multi-platform solution from Scada-LTS Open Source. A code injection vulnerability exists in Scada-LTS version 2.7.8.1, which originates from a cross-site scripting attack due to misuse of the file viewedit.shtm parameter backgroundImageMP in the component...

5.4CVSS6.7AI score0.00256EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/08/19 12:0 a.m.8 views

PT-2025-33743 · Scada-Lts · Scada-Lts

Name of the Vulnerable Software and Affected Versions: Scada-LTS version 2.7.8.1 Description: A security issue exists in Scada-LTS 2.7.8.1 related to the processing of the view edit.shtm file within the SVG File Handler component. Manipulation of the backgroundImageMP argument can lead to...

5.1CVSS6.7AI score0.00256EPSS
Exploits1References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.1 views

Malicious code in background-image (npm)

The package background-image was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-15320 Malicious code in background-image (npm)

The package background-image was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:25 p.m.8 views

CVE-2021-25278

FTAPI 4.0 through 4.10 allows XSS via an SVG document to the Background Image upload feature in the Submit Box Template Editor...

4.8CVSS5.9AI score0.0056EPSS
Exploits0References1
NVD
NVD
added 2025/05/15 8:15 p.m.4 views

CVE-2024-11221

The Full Screen Page Background Image Slideshow WordPress plugin through 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

4.8CVSS0.00302EPSS
Exploits1References1
OSV
OSV
added 2024/12/30 5:15 p.m.7 views

CVE-2024-12754

AnyDesk Link Following Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

5.5CVSS6.2AI score0.01165EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/24 12:0 a.m.6 views

PT-2024-17727 · Anydesk · Anydesk

Name of the Vulnerable Software and Affected Versions: AnyDesk versions prior to 9.0.1 Description: This issue allows local attackers to disclose sensitive information on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target syst...

5.5CVSS5.4AI score0.01165EPSS
Exploits0References42
0day.today
0day.today
added 2024/04/21 12:0 a.m.280 views

Wordpress Background Image Cropper v1.2 Plugin - Remote Code Execution Exploit

Exploit Title: Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution Author: Milad Karimi Ex3ptionaL Contact: email protected Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Vendor Homepage: https://wordpress.org Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/19 12:0 a.m.173 views

WordPress Background Image Cropper 1.2 Shell Upload

Exploit Title: Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution Date: 2024-04-16 Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Vendor Homepage: https://wordpress.org Software Link:...

7.4AI score
Exploits0
OSV
OSV
added 2024/03/06 11:11 a.m.20 views

BIT-WORDPRESS-2020-28040

WordPress before 5.5.2 allows CSRF attacks that change a theme's background image...

4.3CVSS6.5AI score0.01068EPSS
Exploits0References8
OSV
OSV
added 2024/03/06 11:11 a.m.20 views

BIT-WORDPRESS-MULTISITE-2020-28040

WordPress before 5.5.2 allows CSRF attacks that change a theme's background image...

4.3CVSS6.5AI score0.01068EPSS
Exploits0References8
VulnCheck KEV
VulnCheck KEV
added 2023/07/05 12:0 a.m.6 views

VulnCheck KEV: CVE-2022-31374

An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file...

9.8CVSS7.6AI score0.0241EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/06/28 12:0 a.m.7 views

Mermaid 跨站脚本漏洞

Mermaid is a software application. Create charts and visualizations using text and code. A cross-site scripting vulnerability exists in Mermaid versions prior to 9.1.3, which stems from the fact that whenever there is an actual match, the browser issues an http request to load a background image,...

6.1CVSS5.8AI score0.00849EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/06/21 1:15 p.m.3 views

CVE-2022-31374

An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file...

9.8CVSS7.7AI score0.0241EPSS
Exploits1References2
OSV
OSV
added 2022/06/21 1:15 p.m.3 views

CVE-2022-31374

An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file...

9.8CVSS7.6AI score0.0241EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:21 p.m.3 views

Malicious code in wix-bg-image (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0e057e63506fd36e86a5d6687f73c1c4f071d94298b337d14b0a07a4f5922879 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
CNNVD
CNNVD
added 2022/03/22 12:0 a.m.12 views

WordPress plugin Optimole 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress plugin Optimole version 3.3.2 has a cross-site scripting vulnerability that stems from the failure of image optimization and...

4.8CVSS5.2AI score0.0073EPSS
Exploits2References4
Rows per page
Query Builder