Lucene search
+L

146 matches found

Debian CVE
Debian CVE
added 2025/07/10 4:55 p.m.3 views

CVE-2024-47252

Insufficient escaping of user-supplied data in modssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to log variables...

7.5CVSS7.2AI score0.00669EPSS
Exploits0
OSV
OSV
added 2025/07/10 4:55 p.m.6 views

CVE-2024-47252 Apache HTTP Server: mod_ssl error log variable escaping

Insufficient escaping of user-supplied data in modssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to log variables...

7.5CVSS7AI score0.00669EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/06/27 12:0 a.m.4 views

WordPress plugin A/B Testing for WordPress 跨站脚本漏洞

WordPress A/B Testing for WordPress plugin is a plugin for A/B testing in WordPress websites, which is mainly used to help optimize website conversions by comparing the effects of different page elements such as titles, button colors, content, etc.. The WordPress A/B Testing for WordPress plugin...

6.4CVSS5.9AI score0.00182EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.4 views

WordPress plugin CSV Importer Improved 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress CSV Importer Improved plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of...

5.9CVSS6AI score0.00218EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.3 views

WordPress plugin ANON::form embedded secure form 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress ANON::form embedded secure form plugin that stems from the application's lack of effective filtering and escaping of...

6.5CVSS5.9AI score0.00159EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.4 views

WordPress plugin Buying Buddy IDX CRM 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress Buying Buddy IDX CRM plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of...

6.5CVSS6AI score0.00197EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.5 views

WordPress plugin Code Engine 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress Code Engine plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied...

6.5CVSS6AI score0.00197EPSS
Exploits0References1
CNVD
CNVD
added 2025/06/10 12:0 a.m.3 views

Laundry System edit_type.php file cross-site scripting vulnerability

Laundry System is a laundry system. Laundry System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter Type in the file /data/edittype.php, which can be exploited by an attacker to execute arbitrary...

5.4CVSS6.2AI score0.00239EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.4 views

Adobe Commerce 跨站脚本漏洞

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of...

8.4CVSS5.9AI score0.007EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/03 12:0 a.m.5 views

WordPress plugin Newsletter 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Newsletter plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data,...

4.8CVSS6AI score0.0021EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/06/03 12:0 a.m.4 views

WordPress plugin Shared Files 跨站脚本漏洞

WordPress and WordPress Plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Shared Files Plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data,...

7.2CVSS6AI score0.00305EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 10:16 a.m.13 views

CVE-2024-2761

The Genesis Blocks WordPress plugin before 3.1.3 does not properly escape data input provided to some of its blocks, allowing using with at least contributor privileges to conduct Stored XSS attacks...

6.8CVSS5.8AI score0.00665EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:23 p.m.7 views

CVE-2021-24708

The Export any WordPress data to XML/CSV WordPress plugin before 1.3.1 does not escape its Export's Name before outputting it in Manage Exports settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS6AI score0.00598EPSS
Exploits2References1
CNNVD
CNNVD
added 2025/05/16 12:0 a.m.6 views

IceWarp Mail Server 跨站脚本漏洞

IceWarp Mail Server is a mail server product from the Czech company IceWarp IceWarp. The product supports email archiving, SmartAttach attachments, automatic migration and more. A cross-site scripting vulnerability exists in IceWarp Mail Server, which stems from the application's lack of effectiv...

6.1CVSS6.2AI score0.00183EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.5 views

WordPress plugin Awesome Gallery 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Awesome Gallery plugin, which stems from the application's lack of effective filtering and escaping of user-supplied...

6.5CVSS6.2AI score0.0021EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/10 12:0 a.m.5 views

IBM Sterling Control Center 跨站脚本漏洞

IBM Sterling Control Center is an application system from International Business Machines IBM. A centralized monitoring and management system. IBM Sterling Control Center suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping o...

5.4CVSS6AI score0.00217EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.4 views

Fortinet FortiWeb 安全漏洞

Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fita Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content...

7.2CVSS6.5AI score0.00424EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/26 12:0 a.m.6 views

WordPress plugin Blue Captcha 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Blue Captcha plugin has a cross-site scripting vulnerability, the vulnerability stems from the lack...

7.1CVSS6.4AI score0.00294EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/21 12:0 a.m.4 views

Dreamer CMS 代码注入漏洞

Dreamer CMS is a dreamer content management system. Dreamer CMS version 4.1.3 suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied data in the editorValue, answer and content parameters in the /admin/archives/edit...

5.1CVSS6.1AI score0.00312EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/01/06 12:0 a.m.6 views

IBM Sterling B2B Integrator 跨站脚本漏洞

IBM Sterling B2B Integrator is a suite of software from International Business Machines IBM that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. IBM Sterling B2B Integrator suffe...

5.5CVSS6.1AI score0.00216EPSS
Exploits0References1
Rows per page
Query Builder