84 matches found
PT-2024-22414 · Unknown · Advanced Plugins Reportsstatistics
Name of the Vulnerable Software and Affected Versions: Advanced Plugins reportsstatistics versions 1.3.20 and earlier
Description: An issue in Advanced Plugins reportsstatistics allows a remote attacker to execute arbitrary code via the Sales Reports, Statistics, Custom Fields & Export module...
PT-2024-21972 · Unknown · Cms Made Simple
Name of the Vulnerable Software and Affected Versions: CMS Made Simple versions 2.2.19 through 2.2.21
Description: A remote code execution issue has been identified in the User Defined Tags module of CMS Made Simple. This issue arises from inadequate sanitization of user-supplied input in the...
PT-2024-21401 · Kirby Cms · Kirby Cms
Name of the Vulnerable Software and Affected Versions: Kirby CMS version 4.1.0
Description: A stored cross-site scripting (XSS) vulnerability in the Edit Content Layout module allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Link field. The vendor's...
PT-2024-21399 · Kirby Cms +1 · Kirby Cms +1
Name of the Vulnerable Software and Affected Versions: Kirby CMS version 4.1.0
Description: An HTML injection issue exists in the Edit Content Layout module. The vendor disputes the significance of this report, stating that some HTML formatting is allowed and backend sanitization prevents the...
DEBIAN-CVE-2024-24820
Icinga Director is a tool designed to make Icinga 2 configuration handling easy. None of Icinga Director's configuration forms used to manipulate the monitoring environment are protected against cross-site request forgery (CSRF). It enables attackers to perform changes in the monitoring...
CVE-2024-24820 Icinga Director configuration is susceptible to Cross-Site Request Forgery
Icinga Director is a tool designed to make Icinga 2 configuration handling easy. None of Icinga Director's configuration forms used to manipulate the monitoring environment are protected against cross-site request forgery (CSRF). It enables attackers to perform changes in the monitoring...
CVE-2024-24820
Icinga Director is a tool designed to make Icinga 2 configuration handling easy. None of Icinga Director's configuration forms used to manipulate the monitoring environment are protected against cross-site request forgery (CSRF). It enables attackers to perform changes in the monitoring...
PT-2023-22279 · Heimdal · Heimdal Thor Agent
Name of the Vulnerable Software and Affected Versions: Heimdal Thor agent versions 3.4.2 and before on Windows; Heimdal Thor agent versions 2.6.9 and before on macOS
Description: An issue in the Heimdal Thor agent allows attackers to cause a denial of service (DoS) via the Threat To Process...
CVE-2023-6273
Permission management vulnerability in the module for disabling Sound Booster. Successful exploitation of this vulnerability may cause features to perform abnormally...
PT-2023-32586 · Unknown · Sound Booster
Name of the Vulnerable Software and Affected Versions: Sound Booster (affected versions not specified)
Description: The issue concerns a permission management vulnerability in the module for disabling Sound Booster. Successful exploitation of this vulnerability may cause features to perform...
PT-2023-7967 · Majordomo · Majordomo
Name of the Vulnerable Software and Affected Versions: MajorDoMo versions before 0662e5e
Description: The issue is related to the thumb.php module in MajorDoMo, which allows command execution via shell metacharacters. This can be exploited by a remote attacker to execute arbitrary commands. The...
PT-2023-29967 · Unknown · Product Catalog (Csv
Name of the Vulnerable Software and Affected Versions: Product Catalog CSV, Excel, XML Export PRO versions up to 4.1.1
Description: A path traversal attack can be performed by a guest to download personal information without restriction. This is due to a lack of permissions control and a lack of...
PT-2023-27729 · Webmin · Webmin
Name of the Vulnerable Software and Affected Versions: Webmin version 2.100
Description: A stored cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cloned module name parameter. This enables attackers to potentially...
PT-2023-4771 · Asus · Asus Rt-Ax56U V2
Name of the Vulnerable Software and Affected Versions: ASUS RT-AX56U V2
Description: A format string vulnerability is identified in the set iperf3 svr.cgi module of ASUS RT-AX56U V2, caused by lacking validation for a specific value within this module. This vulnerability can be exploited by a...
PT-2023-26244 · Unknown · Easyadmin8
Name of the Vulnerable Software and Affected Versions: EasyAdmin8 version 2.0.2.2
Description: A vulnerability has been found in the File Upload Module of EasyAdmin8, affecting an unknown function of the file /admin/index/index.html/admin/mall.goods/index.html. This issue leads to unrestricted...
PT-2023-20832 · Prestashop +1 · Vivawallet +1
Name of the Vulnerable Software and Affected Versions: PrestaShop vivawallet versions 1.7.10 and earlier
Description: A SQL injection issue allows a remote attacker to gain privileges via the vivawallet module. This could potentially lead to unauthorized access and control of the system...
PT-2023-25791 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SEACMS version 12.1
Description: A stored cross-site scripting (XSS) issue in the Management Custom label module allows attackers to execute arbitrary web scripts or HTML via a crafted payload. This can lead to the execution of malicious code o...
PT-2023-25795 · Eyoucms · Eyoucms
Name of the Vulnerable Software and Affected Versions: eyoucms version 1.6.3
Description: A stored cross-site scripting issue in the Column management module allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
Recommendations: For eyoucms version 1.6.3, consider...
PT-2023-22559 · Prestashop · Prestashop Leocustomajax
Name of the Vulnerable Software and Affected Versions: PrestaShop leocustomajax version 1.0; PrestaShop leocustomajax version 1.0.0
Description: The issue is related to SQL Injection. It affects the module via the "modules/leocustomajax/leoajax.php" endpoint.
Recommendations: For PrestaShop...