Lucene search
+L

39 matches found

Cvelist
Cvelist
added 2025/10/27 2:7 a.m.10 views

CVE-2025-58918 WordPress Entrada theme <= 5.7.7 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Waituk Entrada theme allows Cross Site Request Forgery.This issue affects Entrada: from n/a through 5.7.7...

4.3CVSS0.00113EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.10 views

PT-2025-43864

Name of the Vulnerable Software and Affected Versions Waituk Entrada theme versions through 5.7.7 Description A Cross-Site Request Forgery CSRF issue exists in the Waituk Entrada theme. This allows attackers to perform actions on behalf of authenticated users without their knowledge. The...

4.3CVSS6.4AI score0.00113EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.5 views

WordPress plugin Entrada 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

4.3CVSS6.4AI score0.00113EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-46038

Malicious code in bioql PyPI...

9CVSS8.9AI score0.00838EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-28760

Malicious code in bioql PyPI...

5.1CVSS4.8AI score0.00317EPSS
Exploits1References4
Patchstack
Patchstack
added 2025/09/17 1:16 a.m.7 views

WordPress Entrada theme <= 5.7.7 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Entrada versions = 5.7.7...

4.3CVSS7AI score0.00113EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/09/17 12:0 a.m.8 views

WordPress Entrada Theme <= 5.7.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Entrada Type Theme Vulnerable versions = 5.7.7 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2025-58918 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5915a0847dad Credits Tran Nguyen Bao Khanh VCI - VN...

5.8AI score0.00113EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/09/08 12:2 a.m.6 views

CVE-2025-10074 Portabilis i-Educar tipos cross site scripting

A vulnerability was identified in Portabilis i-Educar up to 2.10. The affected element is an unknown function of the file /usuarios/tipos/. The manipulation of the argument Tipos de Usuário/Descrição leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly...

5.1CVSS4.2AI score0.00257EPSS
Exploits1References7
CNVD
CNVD
added 2025/07/04 12:0 a.m.4 views

WeGIA Cross-Site Scripting Vulnerability (CNVD-2025-17296)

WeGIA is a web manager for welfare organizations. WeGIA suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied data by the parameter Insira o novo tipo in the file /html/matPat/adicionartipoEntrada.php No detailed...

5.1CVSS6.3AI score0.00317EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/05/22 12:46 p.m.3 views

WordPress Entrada Theme <= 5.7.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Bonds in WordPress Theme Entrada versions = 5.7.7...

9.3CVSS8.1AI score0.00241EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/22 12:0 a.m.7 views

WordPress Entrada Theme <= 5.7.7 is vulnerable to SQL Injection

Software Entrada Type Theme Vulnerable versions = 5.7.7 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2025-39484 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID ccc061900a81 Credits Bonds Required privilege Unauthenticated Published 22 May,...

6.8AI score0.00241EPSS
Exploits0References1Affected Software1
Wallarm Lab
Wallarm Lab
added 2024/07/31 11:36 a.m.4 views

Falla en la lógica empresarial

¿Qué son las fallas de la lógica empresarial? Las fallas de lógica empresarial, también conocidas como defectos de lógica empresarial, son errores en el diseño de un sistema o proceso que permiten a los usuarios realizar acciones que no deberían ser posibles. Estos errores no son el resultado de ...

7.8AI score
Exploits0
OSV
OSV
added 2022/11/22 2:15 p.m.4 views

CVE-2022-42989

ERP Sankhya before v4.11b81 was discovered to contain a cross-site scripting XSS vulnerability via the component Caixa de Entrada...

9CVSS5.7AI score0.00838EPSS
Exploits2References3
Prion
Prion
added 2022/11/22 2:15 p.m.13 views

Cross site scripting

ERP Sankhya before v4.11b81 was discovered to contain a cross-site scripting XSS vulnerability via the component Caixa de Entrada...

6CVSS8.1AI score0.00838EPSS
Exploits2References3Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/22 12:0 a.m.4 views

PT-2022-26696 · Sankhya · Erp Sankhya

Name of the Vulnerable Software and Affected Versions: ERP Sankhya versions prior to 4.11b81 Description: A cross-site scripting XSS issue was found in the Caixa de Entrada component. This allows for potential exploitation. Recommendations: For versions prior to 4.11b81, update to version 4.11b81...

9CVSS6.1AI score0.00838EPSS
Exploits2References6
Cvelist
Cvelist
added 2022/11/22 12:0 a.m.18 views

CVE-2022-42989

ERP Sankhya before v4.11b81 was discovered to contain a cross-site scripting XSS vulnerability via the component Caixa de Entrada...

8.4AI score0.00838EPSS
Exploits2References1
CVE
CVE
added 2022/11/22 12:0 a.m.72 views

CVE-2022-42989

ERP Sankhya before v4.11b81 is affected by CVE-2022-42989, a cross-site scripting (XSS) in the Caixa de Entrada component. The vulnerability allows injection of HTML/JavaScript via the Caixa de Entrada messaging feature, enabling potential account takeover and exposure of sensitive data. The CVSS...

9CVSS8.1AI score0.00838EPSS
Exploits2References1Affected Software1
NVD
NVD
added 2006/01/27 11:3 p.m.12 views

CVE-2006-0462

SQL injection vulnerability in comentarios.php in AndoNET Blog 2004.09.02 allows remote attackers to execute arbitrary SQL commands via the entrada parameter...

7.5CVSS8.4AI score0.0187EPSS
Exploits1References8
Cvelist
Cvelist
added 2006/01/27 11:0 p.m.19 views

CVE-2006-0462

SQL injection vulnerability in comentarios.php in AndoNET Blog 2004.09.02 allows remote attackers to execute arbitrary SQL commands via the entrada parameter...

8.4AI score0.0187EPSS
Exploits1References8
Rows per page
Query Builder