Lucene search
K

13 matches found

EUVD
EUVD
added 2026/04/13 9:31 a.m.8 views

EUVD-2026-21881

The Product Filter for WooCommerce by WBW WordPress plugin before 3.1.3 does not sanitize and escape a parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...

8.6CVSS5.9AI score0.00358EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.7 views

Drupal SAML SSO 安全漏洞

Drupal SAML SSO is an extension for Drupal-based content management systems that provides SAML-based single-sign-on authentication functionality. Versions of Drupal SAML SSO prior to 3.1.3 contained a security vulnerability, which was caused by improper input handling and could lead to cross-site...

6.1CVSS5.6AI score0.00193EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-22879

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote...

8.8CVSS7.5AI score0.04698EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/02/22 12:0 a.m.4 views

PT-2025-7607 · Vitepos · Vitepos

Name of the Vulnerable Software and Affected Versions: Vitepos versions prior to 3.1.3 Description: The issue is related to a Missing Authorization vulnerability, which allows the exploitation of incorrectly configured access control security levels. Recommendations: For versions prior to 3.1.3,...

6.5CVSS9.4AI score0.00317EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/11/01 12:0 a.m.7 views

PT-2024-32519

Name of the Vulnerable Software and Affected Versions Templately versions prior to 3.1.3 Description The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations For versions prior to 3.1.3, update to version...

9.8CVSS6.7AI score0.01695EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/05/08 12:0 a.m.2 views

Sonic Technology Shopfloor.guide 安全漏洞

Sonic Technology Shopfloor.guide is an application from Sonic Technology, Inc. A security vulnerability exists in Sonic Technology Shopfloor.guide versions prior to 3.1.3. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands via the level2 parameter...

9.8CVSS8AI score0.00568EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.2 views

Jinja Cross-Site Scripting Vulnerability

Pallets Jinja is a template engine written in the Python language. A security vulnerability exists in Jinja versions prior to 3.1.3, which stems from a cross-site scripting XSS vulnerability...

6.1CVSS8.3AI score0.00892EPSS
Exploits0References8
OSV
OSV
added 2021/04/14 1:15 p.m.3 views

DEBIAN-CVE-2021-22879

Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote commands. User interaction is needed for exploitation...

8.8CVSS8.4AI score0.04698EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2019/07/08 12:0 a.m.5 views

PT-2019-13326 · Rencontre · Rencontre

Name of the Vulnerable Software and Affected Versions: Rencontre plugin versions prior to 3.1.3 Description: The issue allows for XSS attacks. This is due to a problem in the inc/rencontre widget.php file. Recommendations: For versions prior to 3.1.3, update to version 3.1.3 or later to resolve t...

6.1CVSS6AI score0.01129EPSS
Exploits0References6
OSV
OSV
added 2019/06/14 2:29 p.m.3 views

CVE-2019-11582

An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all versions prior to 3.1.3, allows remote attackers to gain remote code execution through the use of a crafted URI...

8.8CVSS7.8AI score0.04936EPSS
Exploits0References1
Prion
Prion
added 2017/01/23 9:59 p.m.15 views

Heap overflow

Heap-based buffer overflow in the decodeblock function in libavcodec/exr.c in FFmpeg before 3.1.3 allows remote attackers to cause a denial of service application crash via vectors involving tile positions...

5CVSS7.6AI score0.02768EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2016/04/07 9:59 p.m.3 views

DEBIAN-CVE-2016-0729

Multiple buffer overflows in 1 internal/XMLReader.cpp, 2 util/XMLURL.cpp, and 3 util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service segmentation fault or memory corruption or possibly execute arbitrary code via a crafted...

9.8CVSS9.6AI score0.09115EPSS
Exploits0References1
OSV
OSV
added 2011/08/10 8:55 p.m.2 views

DEBIAN-CVE-2011-3122

Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Media security."...

10CVSS6.6AI score0.02573EPSS
Exploits0References1
Rows per page
Query Builder