Lucene search
K

200 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-1067

Malware in sbrugna...

4.3CVSS6.4AI score0.01892EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-20414

Malware in sbrugna...

6.1CVSS6.3AI score0.00707EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-5076

Malware in sbrugna...

4.3CVSS6.4AI score0.01842EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-4248

Malware in sbrugna...

6.1CVSS6.3AI score0.00865EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-4902

Malware in sbrugna...

4.3CVSS6.4AI score0.03919EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-26563

Malware in sbrugna...

5.4CVSS5.5AI score0.00538EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-32304

Malicious code in bioql PyPI...

6.6AI score0.00425EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/10/03 12:0 a.m.4 views

CVE-2025-57423

A SQL injection vulnerability was discovered in the /articles endpoint of MyClub 0.5, affecting the query parameters Content, GroupName, PersonName, lastUpdate, pool, and title. Due to insufficient input sanitisation, an unauthenticated remote attacker could inject arbitrary SQL commands via a...

7.5AI score0.00425EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/08/10 12:0 a.m.4 views

Portabilis i‑Diário 代码注入漏洞

Portabilis i-Diário is an open source school calendar and teacher interaction management system from Portabilis, Brazil. A code injection vulnerability exists in Portabilis i-Diário 1.5.0 and earlier versions, which stems from the parameter Registro de atividades/Conteúdos in file...

5.4CVSS4.8AI score0.00264EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/05/23 10:17 a.m.4 views

CVE-2024-32343

A cross-site scripting XSS vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter...

6.1CVSS5.8AI score0.00413EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:22 a.m.5 views

CVE-2024-3559

The Custom Field Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the 'cfspostcontent' parameter versions up to, and including, 2.6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-lev...

6.4CVSS6AI score0.00336EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:14 a.m.3 views

CVE-2024-30618

A Stored Cross-Site Scripting XSS Vulnerability in Chamilo LMS 1.11.26 allows a remote attacker to execute arbitrary JavaScript in a web browser by including a malicious payload in the 'content' parameter of 'grouptopics.php'...

6.1CVSS6AI score0.00381EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:21 a.m.8 views

CVE-2024-44851

A stored cross-site scripting XSS vulnerability in the Discussion section of Perfex CRM v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter...

5.4CVSS5.6AI score0.00375EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:44 p.m.9 views

CVE-2021-3224

A stored cross-site scripting XSS vulnerability in cszcms 1.2.9 exists in /admin/pages/new via the content parameter...

5.4CVSS5.6AI score0.00538EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/10 12:3 p.m.10 views

CVE-2025-30166

Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. An HTML injection issue allows users with access to the email sending functionality to inject arbitrary HTML code into emails sent via the admin interface, potentially leading to session cookie theft and the alteration of page...

1.8CVSS7.4AI score0.00222EPSS
Exploits0References1
NVD
NVD
added 2025/04/08 11:15 a.m.56 views

CVE-2025-30166

Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. An HTML injection issue allows users with access to the email sending functionality to inject arbitrary HTML code into emails sent via the admin interface, potentially leading to session cookie theft and the alteration of page...

4.8CVSS0.00222EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/25 12:0 a.m.4 views

PT-2025-1603 · WordPress · The Quiz Maker Business +2

Name of the Vulnerable Software and Affected Versions: The Quiz Maker Business, Developer, and Agency plugins for WordPress versions 8.8.0 and earlier Business The Quiz Maker Business, Developer, and Agency plugins for WordPress versions 21.8.0 and earlier Developer The Quiz Maker Business,...

6.1CVSS6.8AI score0.00307EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/01/09 12:0 a.m.4 views

SpringBoot-Blog 跨站脚本漏洞

SpringBoot-Blog is a Java blogging system for wand individual developers. A security vulnerability exists in SpringBoot-Blog version 1.0, which originates from the parameter content in file src/main/java/com/my/blog/website/controller/admin/PageController.java that can lead to a cross-site...

5.4CVSS3.9AI score0.00389EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/01/07 12:0 a.m.5 views

WordPress plugin Toggles Shortcode and Widget 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

4.4CVSS7.6AI score0.00254EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/12/11 12:12 a.m.5 views

WordPress Waymark plugin <= 1.4.1 - Reflected Cross-Site Scripting via 'content' vulnerability

Reflected Cross-Site Scripting via 'content' vulnerability discovered by vgo0 in WordPress Plugin Waymark versions = 1.4.1...

6.1CVSS6.3AI score0.00346EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder