Lucene search
K

64 matches found

CNNVD
CNNVD
added 2025/03/03 12:0 a.m.4 views

WordPress plugin Small Package Quotes – Worldwide Express Edition SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A SQL injection vulnerability exists in WordPress plugin...

9.3CVSS7.9AI score0.00464EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/02/21 12:0 a.m.5 views

WordPress Small Package Quotes – Worldwide Express Edition Plugin <= 5.2.18 - SQL Injection vulnerability

SQL Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin Small Package Quotes – Worldwide Express Edition versions = 5.2.18...

9.3CVSS8.1AI score0.00464EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/19 12:0 a.m.5 views

PT-2025-7366 · WordPress · Small Package Quotes – Worldwide Express Edition

Name of the Vulnerable Software and Affected Versions: Small Package Quotes – Worldwide Express Edition plugin for WordPress versions prior to 5.2.19 Description: The issue concerns SQL injection via the edit id and dropship edit id parameters due to insufficient escaping on the user-supplied...

7.5CVSS10AI score0.00436EPSS
Exploits0References9
NVD
NVD
added 2025/02/16 11:15 p.m.10 views

CVE-2025-22291

Missing Authorization vulnerability in enituretechnology LTL Freight Quotes – Worldwide Express Edition ltl-freight-quotes-worldwide-express-edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL Freight Quotes – Worldwide Express Edition: from n/a...

5.3CVSS0.00277EPSS
Exploits0References1
CVE
CVE
added 2025/02/16 10:17 p.m.51 views

CVE-2025-22291

CVE-2025-22291 corresponds to a Missing Authorization vulnerability in the WordPress plugin “LTL Freight Quotes – Worldwide Express Edition” by Eniture Technology. The entry indicates that versions up to and including 5.0.20 are affected and that exploitation arises from incorrectly configured ac...

5.3CVSS7.2AI score0.00277EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/16 12:0 a.m.4 views

WordPress plugin LTL Freight Quotes – Worldwide Express Edition 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

7.1CVSS7.7AI score0.00236EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/02/12 7:54 a.m.5 views

WordPress LTL Freight Quotes – Worldwide Express Edition plugin <= 5.0.20 - Arbitrary Content Deletion vulnerability

Arbitrary Content Deletion vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin LTL Freight Quotes – Worldwide Express Edition versions = 5.0.20...

5.3CVSS7AI score0.00277EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/27 2:22 p.m.4 views

CVE-2025-24667 WordPress Small Package Quotes Plugin <= 5.2.17 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in enituretechnology Small Package Quotes – Worldwide Express Edition small-package-quotes-wwe-edition allows SQL Injection.This issue affects Small Package Quotes – Worldwide Express Edition: from n/...

9.3CVSS5.6AI score0.00398EPSS
Exploits0References1
CVE
CVE
added 2025/01/27 2:22 p.m.45 views

CVE-2025-24667

CVE-2025-24667 is a SQL Injection in WordPress Small Package Quotes – Worldwide Express Edition (affected up to version 5.2.17). The CVE entry specifies improper neutralization of SQL commands in Small Package Quotes – Worldwide Express Edition, with an impact described as Confidentiality High an...

9.3CVSS7.3AI score0.00398EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/27 12:0 a.m.3 views

PT-2025-5488 · Enituretechnology · Enituretechnology Small Package Quotes – Worldwide Express Edition

Name of the Vulnerable Software and Affected Versions: Eniture Technology Small Package Quotes – Worldwide Express Edition versions 5.2.17 and earlier Description: The issue is related to improper neutralization of special elements used in an SQL command, allowing SQL injection. This means an...

9.3CVSS9.7AI score0.00398EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/01/27 12:0 a.m.4 views

PT-2025-5485 · Enituretechnology · Enituretechnology Ltl Freight Quotes – Worldwide Express Edition

Name of the Vulnerable Software and Affected Versions: Eniture Technology LTL Freight Quotes – Worldwide Express Edition versions 5.0.20 and earlier Description: The issue is related to improper neutralization of special elements used in an SQL command, which allows SQL injection. This means an...

9.3CVSS9.9AI score0.00377EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/01/27 12:0 a.m.2 views

WordPress plugin Small Package Quotes – Worldwide Express Edition SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A SQL injection vulnerability exists in WordPress plugin...

9.3CVSS8.9AI score0.00398EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/18 3:47 p.m.4 views

WordPress Small Package Quotes Plugin <= 5.2.17 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Colin Xu in WordPress Plugin Small Package Quotes – Worldwide Express Edition versions = 5.2.17...

9.3CVSS8.1AI score0.00398EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/18 3:33 p.m.6 views

WordPress LTL Freight Quotes Plugin <= 5.0.20 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Colin Xu in WordPress Plugin LTL Freight Quotes – Worldwide Express Edition versions = 5.0.20...

9.3CVSS8.1AI score0.00377EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/04/11 12:0 a.m.8 views

The vulnerability of the IPv4 Virtual Fragmentation Reassembly (VFR) function in Cisco IOS XE allows a attacker to trigger a service failure or cause a device to restart.

The vulnerability of the IPv4 Virtual Fragmentation Reassembly VFR function in Cisco IOS XE operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot or cause a service failure by sending fragmented...

8.6CVSS7.6AI score0.0098EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/09/28 12:0 a.m.4 views

Cisco IOS XE Software 代码问题漏洞

Cisco IOS XE Software is an operating system from Cisco for enterprise wired and wireless access, aggregation, core and WAN in a single operating system, Cisco IOS XE reduces business and network complexity. An error can be exploited by an attacker to cause a denial of service...

8.6CVSS6.7AI score0.00866EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/09/28 12:0 a.m.6 views

Cisco IOS XE Software 操作系统命令注入漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core and WAN, Cisco IOS XE reduces business and network complexity. Cisco IOS XE Software suffers from an operating system command injection...

7.9CVSS7.1AI score0.0034EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 9:6 p.m.40 views

Security Bulletin: Potential security vulnerabilities in WebSphere Partner Gateway Express for the Oracle CPU April 2013.

Abstract The IBM WebSphere Partner Gateway is shipped with an IBM Java SDK that is based on the Oracle SDK. Oracle has released April 2013 critical patch updates CPU which contain security vulnerability fixes and the IBM Java SDK that WebSphere Partner Gateway ships is affected. Content...

2.6CVSS6.5AI score0.35584EPSS
Exploits1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/12/13 12:0 a.m.5 views

The vulnerability of the GRE function (EoGRE) in the Cisco IOS XE operating system, which allows a hacker to trigger a service failure.

The vulnerability of the GRE function EoGRE in the Cisco IOS XE operating system is related to errors in processing distorted EoGRE packets. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

8.6CVSS7.5AI score0.01285EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2020/09/25 12:0 a.m.3 views

Cisco IOS XE File System Override Access Vulnerability

Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network devices. A security vulnerability exists in the file system permissions of Cisco IOS XE, which stems from insufficient file system permissions on the affected devices. An attacker could use this vulnerability t...

6CVSS6.6AI score0.00277EPSS
Exploits0References1
Rows per page
Query Builder