Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/06/02 12:39 p.m.35 views

CVE-2026-39552 WordPress Blueprint theme < 1.1.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Code Supply Co. Blueprint allows PHP Local File Inclusion. This issue affects Blueprint: from n/a before 1.1.5...

8.1CVSS0.00334EPSS
Exploits0References1
OSV
OSV
added 2025/11/06 8:15 p.m.3 views

CVE-2025-34237

Advantech WebAccess/VPN versions prior to 1.1.5 contain a stored cross-site scripting XSS vulnerability via StandaloneVpnClientsController.addStandaloneVpnClientAction. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the...

5.4CVSS5.9AI score0.00176EPSS
Exploits0References3
CVE
CVE
added 2025/11/06 7:49 p.m.10 views

CVE-2025-34246

Advantech WebAccess/VPN

6.5CVSS7.2AI score0.0026EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/06 7:44 p.m.3 views

CVE-2025-34239 Advantech WebAccess/VPN < 1.1.5 Command Injection in AppManagementController.appUpgradeAction()

Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in AppManagementController.appUpgradeAction that allows an authenticated system administrator to execute arbitrary commands as the web server user www-data by supplying a crafted uploaded filename...

8.6CVSS7.6AI score0.01616EPSS
Exploits0References3
OSV
OSV
added 2007/02/02 9:28 p.m.2 views

UBUNTU-CVE-2007-0667

The redirect function in Form.pm for 1 LedgerSMB before 1.1.5 and 2 SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, related to callbacks, a different issue than CVE-2006-5872...

6.5CVSS6.2AI score0.01903EPSS
Exploits0References3
Rows per page
Query Builder