CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

358 matches found

Caldera Forms < 1.9.7 - Reflected Cross-Site Scripting

Caldera Forms WordPress plugin 1.9.7 contains a reflected cross-site scripting caused by lack of validation and escaping of the cf-api parameter in responses, letting attackers execute arbitrary scripts in victim's browser, exploit requires attacker to craft a malicious request. id: CVE-2022-0879...

6.1CVSS6.5AI score0.01168EPSS

Exploits2References3

RedhatCVE•added 2026/01/09 11:40 a.m.•7 views

CVE-2001-1576

Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument...

4.6CVSS7.9AI score0.00533EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:45 a.m.•3 views

CVE-2022-0879

The Caldera Forms WordPress plugin before 1.9.7 does not validate and escape the cf-api parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.7AI score0.01168EPSS

Exploits2References1

RedhatCVE•added 2026/01/07 9:40 a.m.•6 views

CVE-1999-0712

A vulnerability in Caldera Open Administration System COAS allows the /etc/shadow password file to be made world-readable...

2.1CVSS7AI score0.00402EPSS

Exploits0References1

Packet Storm News•added 2025/12/17 12:0 a.m.•4 views

Bounty Hunter: Autonomous, Comprehensive Emulation of Multi-Faceted Adversaries

Adversary emulation is an essential procedure for cybersecurity assessments such as evaluating an organization's security posture or facilitating structured training and research in dedicated environments. To allow for systematic and time-efficient assessments, several approaches from academia an...

6.8AI score

Exploits0