Lucene search
K

6 matches found

NVD
NVD
added 2026/06/18 8:16 a.m.9 views

CVE-2026-11395

The CF7 to Webhook plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.0 via the pullthetrigger. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be...

7.2CVSS0.00231EPSS
Exploits0References5
OSV
OSV
added 2026/02/11 1:15 p.m.3 views

CVE-2025-58467

A relative path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync...

6.5CVSS5.8AI score0.00416EPSS
Exploits0References1
CVE
CVE
added 2026/02/11 12:20 p.m.15 views

CVE-2025-30266

The CVE-2025-30266 entry describes a NULL pointer dereference in Qsync Central that could allow a remote attacker with a user account to cause a denial-of-service. Concrete details across connected sources identify Qsync Central as the affected product, with the root cause listed as a NULL pointe...

6.5CVSS5.5AI score0.00391EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/10/03 12:0 a.m.5 views

QNAP Qsync Central 安全漏洞

QNAP Qsync Central is the official private cloud synchronization service developed by QNAP for its Network Attached Storage NAS devices. QNAP Qsync Central suffers from an unrestricted resource allocation vulnerability that can be exploited by an attacker to prevent other systems, applications, o...

7.1CVSS6.8AI score0.0034EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.4 views

WordPress plugin Classified Listing 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. Cross-site scripting vulnerability exists in WordPress plugin Classified Listing 5.0.0 and earlier...

5.4CVSS6.2AI score0.0017EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/20 10:20 a.m.10 views

CVE-2022-46421 Apache Airflow Hive Provider: Hive Provider RCE vulnerability with hive_cli_params

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 5.0.0...

9.6AI score0.0322EPSS
Exploits0References2
Rows per page
Query Builder