
87 matches found

Positive Technologies
added 2024/01/26 12:0 a.m. · 7 views

PT-2024-19483 · Shopsite · Shopsite

Name of the Vulnerable Software and Affected Versions: ShopSite version 14.0 Description: An arbitrary file upload issue in the /alsdemo/ss/mediam.cgi component allows attackers to execute arbitrary code by uploading a crafted SVG file. Recommendations: For ShopSite version 14.0, consider disabli...

CVSS 6.1 · AI score 7.8 · EPSS 0.00574
Exploits 1 · References 4

Positive Technologies
added 2024/01/26 12:0 a.m. · 8 views

PT-2024-15938 · Unknown · Codeastro Stock Management System

Name of the Vulnerable Software and Affected Versions: CodeAstro Stock Management System version 1.0 Description: A vulnerability was found in the CodeAstro Stock Management System, affecting some unknown processing of the file /index.php of the component Add Category Handler. The manipulation of...

CVSS 5.4 · AI score 4.2 · EPSS 0.00562
Exploits 1 · References 7

Positive Technologies
added 2024/01/21 12:0 a.m. · 3 views

PT-2024-15807 · Nsasoft · Nsasoft Product Key Explorer

Name of the Vulnerable Software and Affected Versions: Nsasoft Product Key Explorer version 4.0.9 Description: A vulnerability has been found in the component Registration Handler of Nsasoft Product Key Explorer. The manipulation of the argument Name/Key leads to memory corruption. An attack has ...

CVSS 5.5 · AI score 5.6 · EPSS 0.00304
Exploits 1 · References 8

Positive Technologies
added 2024/01/21 12:0 a.m. · 6 views

PT-2024-15811 · Linzhaoguan · Linzhaoguan Pb-Cms

Name of the Vulnerable Software and Affected Versions: LinZhaoguan pb-cms version 2.0 Description: A problematic issue has been found in the Comment Handler component of the software, allowing for cross-site scripting through the manipulation of input, such as . This can be exploited remotely...

CVSS 5.4 · AI score 6.4 · EPSS 0.00565
Exploits 1 · References 6

Positive Technologies
added 2024/01/12 12:0 a.m. · 7 views

PT-2024-14042 · Qstar · Qstar Archive Solutions

Name of the Vulnerable Software and Affected Versions: QStar Archive Solutions version RELEASE 3-0 Build 7 Patch 0 Description: A DOM Based Reflected Cross Site Scripting XSS issue was found in the qnme-ajax component, specifically in the method=tree level endpoint. This allows for potential...

CVSS 8.8 · AI score 6.7 · EPSS 0.00318
Exploits 1 · References 5

Positive Technologies
added 2023/12/29 12:0 a.m. · 4 views

PT-2023-31595 · Unknown +1 · Jline-Groovy +1

Name of the Vulnerable Software and Affected Versions: jline-groovy version 3.24.1 Description: An issue in the component GroovyEngine.execute of jline-groovy allows attackers to cause an out of memory OOM error. Recommendations: For version 3.24.1, consider disabling the GroovyEngine.execute...

CVSS 5.5 · AI score 5.6 · EPSS 0.00253
Exploits 1 · References 16

Positive Technologies
added 2023/12/28 12:0 a.m. · 5 views

PT-2023-31572 · Seacms · Seacms

Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.8 Description: A cross-site scripting XSS vulnerability in the component admin Video.php of SeaCMS allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Recommendations: For SeaCMS version 12.8,...

CVSS 5.4 · AI score 5.2 · EPSS 0.00452
Exploits 1 · References 7

Positive Technologies
added 2023/12/28 12:0 a.m. · 6 views

PT-2023-32915 · Unknown · Sourcecodester Engineers Online Portal

Name of the Vulnerable Software and Affected Versions: SourceCodester Engineers Online Portal version 1.0 Description: A vulnerability was found in the component Add Engineer Handler of the SourceCodester Engineers Online Portal. The manipulation of the argument first name/last name with the inpu...

CVSS 6.1 · AI score 4.5 · EPSS 0.00311
Exploits 0 · References 6

Positive Technologies
added 2023/12/27 12:0 a.m. · 5 views

PT-2023-31725 · Unknown · Com.Sdjictec.Qdmetro

Name of the Vulnerable Software and Affected Versions: com.sdjictec.qdmetro version 4.2.2 Description: An issue in the export component AdSdkH5Activity of com.sdjictec.qdmetro allows attackers to open a crafted URL without any filtering or checking. Recommendations: For version 4.2.2, consider...

CVSS 5.3 · AI score 5.2 · EPSS 0.00425
Exploits 1 · References 5

Positive Technologies
added 2023/12/27 12:0 a.m. · 9 views

PT-2023-28839

Name of the Vulnerable Software and Affected Versions: Shenzhen TCL Browser TV Web BrowseHere aka com.tcl.browser version 6.65.022 dab24cc6 231221 gp Description: The issue allows a remote attacker to execute arbitrary JavaScript code via the com.tcl.browser.portal.browse.activity.BrowsePageActivit...

CVSS 9.8 · AI score 8.8 · EPSS 0.01059
Exploits 1 · References 6

Positive Technologies
added 2023/12/07 12:0 a.m. · 4 views

PT-2023-31426 · Typecho · Typecho

Name of the Vulnerable Software and Affected Versions: Typecho version 1.2.1 Description: The issue is related to an XML Quadratic Blowup attack. This attack can be executed via the component /index.php/action/xmlrpc. Recommendations: For Typecho version 1.2.1, consider disabling the...

CVSS 7.5 · AI score 7.4 · EPSS 0.00756
Exploits 1 · References 5

Positive Technologies
added 2023/12/04 12:0 a.m. · 9 views

PT-2023-31020 · Unknown · Thinkadmin

Name of the Vulnerable Software and Affected Versions: ThinkAdmin version 6.1.53 Description: An arbitrary file upload issue in the /admin/api.upload/file component allows attackers to execute arbitrary code via a crafted Zip file. Recommendations: For ThinkAdmin version 6.1.53, consider disablin...

CVSS 8.8 · AI score 8.8 · EPSS 0.01091
Exploits 1 · References 6

Positive Technologies
added 2023/12/02 12:0 a.m. · 5 views

PT-2023-32681 · Phpems · Phpems

Name of the Vulnerable Software and Affected Versions: PHPEMS version 7.0 Description: A problematic issue has been found in the Content Section Handler component, specifically affecting the file appcontentclsapi.cls.php. This issue leads to cross-site scripting and can be initiated remotely. The...

CVSS 4.8 · AI score 6.4 · EPSS 0.00605
Exploits 1 · References 6

Positive Technologies
added 2023/11/15 12:0 a.m. · 3 views

PT-2023-30726 · Grocy · Grocy

Name of the Vulnerable Software and Affected Versions: Grocy version 4.0.3 Description: The issue allows a local attacker to execute arbitrary code and obtain sensitive information via the equipment description component within the "/equipment/" component. Recommendations: For Grocy version 4.0.3...

CVSS 5.4 · AI score 5.9 · EPSS 0.0077
Exploits 1 · References 5

Positive Technologies
added 2023/11/07 12:0 a.m. · 10 views

PT-2025-18850 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the wifi: mt76: connac component, where WED status is not checked for non-mmio devices. This can lead...

CVSS 8.8 · AI score 7.5 · EPSS 0.16642
Exploits 11 · References 472

Positive Technologies
added 2023/10/11 12:0 a.m. · 4 views

PT-2023-26610 · Inspect Element · Echo.Ac

Name of the Vulnerable Software and Affected Versions: Inspect Element Ltd Echo.ac version 5.2.1.0 Description: An issue in Inspect Element Ltd Echo.ac allows a local attacker to gain privileges via a crafted command to the echo driver.sys component. This issue has been reportedly used by various...

CVSS 7.8 · AI score 7.9 · EPSS 0.00452
Exploits 1 · References 18

Positive Technologies
added 2023/09/27 12:0 a.m. · 5 views

PT-2023-28739 · Yzncms · Yzncms

Name of the Vulnerable Software and Affected Versions: YZNCMS version 1.3.0 Description: A stored cross-site scripting XSS issue in the cms/content/edit component allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter. This enables...

CVSS 6.1 · AI score 6 · EPSS 0.00308
Exploits 0 · References 4

Positive Technologies
added 2023/09/14 12:0 a.m. · 5 views

PT-2023-28287 · Lenosp · Lenosp

Name of the Vulnerable Software and Affected Versions: lenosp versions 1.0 through 1.2.0 Description: The issue allows attackers to execute HTML code via a crafted JPG file. This is achieved through an arbitrary file upload vulnerability in the /user/upload component. Recommendations: For version...

CVSS 8.8 · AI score 8.5 · EPSS 0.00618
Exploits 1 · References 3

Positive Technologies
added 2023/09/09 12:0 a.m. · 4 views

PT-2023-8074 · Sourcecodester · Sourcecodester Simple Book Catalog App

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Book Catalog App version 1.0 Description: A vulnerability has been found in the Update Book Form component of the SourceCodester Simple Book Catalog App. The manipulation of the book title and book author arguments leads...

CVSS 6.1 · AI score 4.2 · EPSS 0.00603
Exploits 1 · References 11

Positive Technologies
added 2023/09/01 12:0 a.m. · 5 views

PT-2023-27077 · Typora · Typora

Name of the Vulnerable Software and Affected Versions: Typora version 1.6.7 Description: A cross site scripting XSS issue in the Markdown Editor component allows attackers to execute arbitrary code via uploading a crafted Markdown file. Recommendations: For Typora version 1.6.7, consider disablin...

CVSS 6.1 · AI score 6.3 · EPSS 0.00455
Exploits 1 · References 3