Lucene search
K

8 matches found

NVD
NVD
added 2026/05/13 9:16 p.m.12 views

CVE-2026-44376

CubeCart is an ecommerce software solution. Prior to 6.7.0, an unauthenticated Reflected XSS vulnerability exists in the CubeCart v6.x search feature. Due to a logic flaw in classes/catalogue.class.php, user input is reflected without sanitization only when a search returns exactly one product...

6.1CVSS0.00697EPSS
Exploits2References2
Cvelist
Cvelist
added 2026/05/13 8:43 p.m.34 views

CVE-2026-45714 CubeCart: Server-Side Template Injection (SSTI) in Smarty Templates leading to RCE

CubeCart is an ecommerce software solution. Prior to 6.7.0, an Authenticated Server-Side Template Injection SSTI vulnerability exists in multiple modules of CubeCart including Email Templates, Invoices, Documents, and Contact Forms. The application unsafely evaluates user-supplied input using the...

9.1CVSS0.00415EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/10/10 12:0 a.m.5 views

Tenable Security Center < 6.7.0 (TNS-2025-21)

According to its self-reported version, the Tenable Security Center running on the remote host is prior to 6.7.0. It is, therefore, affected by a vulnerability as referenced in the TNS-2025-21 advisory. - In Tenable Security Center versions prior to 6.7.0, an improper access control vulnerability...

4.3CVSS5.8AI score0.00181EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/08 3:19 p.m.10 views

CVE-2025-36636 Improper Access Control

In Tenable Security Center versions prior to 6.7.0, an improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope...

4.3CVSS0.00181EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/06 12:0 a.m.4 views

Dell EMC RSA Archer Information Disclosure Vulnerability (CNVD-2020-31252)

Dell EMC RSA Archer is an enterprise IT governance and compliance governance product from Dell USA. The product enables the development of eGRC programs for managing enterprise risk, automating business processes, and more. An information disclosure vulnerability exists in versions prior to Dell...

4.3CVSS6.2AI score0.00795EPSS
Exploits0References1
CNVD
CNVD
added 2019/03/26 12:0 a.m.3 views

ArcSight Logger Remote Code Execution Vulnerability

Micro Focus ArcSight Logger is a suite of log management software from Micro Focus UK. The software collects and integrates data from any log generation source for log management, searching, indexing, reporting, analysis and retention. An input validation vulnerability exists in Micro Focus...

7.8CVSS7AI score0.01374EPSS
Exploits0References1
OSV
OSV
added 2019/03/25 5:29 p.m.4 views

CVE-2019-3479

Mitigates a potential remote code execution issue in ArcSight Logger versions prior to 6.7...

9.8CVSS6.3AI score0.06924EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2007/11/29 2:58 p.m.2 views

pcre integer overflow

Integer overflow in Perl-Compatible Regular Expression PCRE library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large 1 min, 2 max, or 3 duplength values that cause an incorrect length calculation and trigger a buffer overflo...

6.8CVSS6.3AI score0.03661EPSS
Exploits0References4
Rows per page
Query Builder