Lucene search
K

242 matches found

Positive Technologies
Positive Technologies
added 2025/09/03 12:0 a.m.3 views

PT-2025-35771

Name of the Vulnerable Software and Affected Versions: LTL Freight Quotes – Daylight Edition versions through 2.2.7 Description: A deserialization of untrusted data issue exists in enituretechnology LTL Freight Quotes – Daylight Edition, allowing object injection. Recommendations: Update LTL...

7.2CVSS6.5AI score0.00354EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/03 12:0 a.m.3 views

PT-2025-35770

Name of the Vulnerable Software and Affected Versions: LTL Freight Quotes – Day & Ross Edition versions through 2.1.11 Description: Deserialization of untrusted data in LTL Freight Quotes – Day & Ross Edition allows object injection. Recommendations: At the moment, there is no information about a...

7.2CVSS6.3AI score0.00354EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/09/03 12:0 a.m.4 views

PT-2025-35772

Name of the Vulnerable Software and Affected Versions: LTL Freight Quotes - TQL Edition versions n/a through 1.2.6 Description: Deserialization of untrusted data in LTL Freight Quotes - TQL Edition allows for object injection. Recommendations: At the moment, there is no information about a newer...

7.2CVSS6.3AI score0.00354EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/09/03 12:0 a.m.3 views

WordPress plugin LTL Freight Quotes – Day & Ross Edition 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

7.2CVSS6.7AI score0.00354EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/17 1:32 a.m.7 views

CVE-2025-8991

A vulnerability was identified in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file /admin/config/express of the component Business Logic Handler. The manipulation of the argument litemallexpressfreightmin leads to business logic errors. The...

5.3CVSS7.2AI score0.00299EPSS
Exploits1References1
NVD
NVD
added 2025/08/15 1:16 a.m.10 views

CVE-2025-8991

A vulnerability was identified in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file /admin/config/express of the component Business Logic Handler. The manipulation of the argument litemallexpressfreightmin leads to business logic errors. The...

5.3CVSS0.00299EPSS
Exploits1References5
OSV
OSV
added 2025/08/15 12:32 a.m.5 views

CVE-2025-8991 linlinjava litemall Business Logic express logic error

A vulnerability was identified in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file /admin/config/express of the component Business Logic Handler. The manipulation of the argument litemallexpressfreightmin leads to business logic errors. The...

5.3CVSS5.5AI score0.00299EPSS
Exploits1References7
CVE
CVE
added 2025/08/15 12:32 a.m.33 views

CVE-2025-8991

CVE-2025-8991 affects linlinjava litemall versions up to 1.8.0. The vulnerability resides in the Business Logic Handler’s /admin/config/express, where manipulating the litemall_express_freight_min parameter triggers business logic errors. The issue is exploitable remotely and publicized. PT-2025-...

5.3CVSS7.1AI score0.00299EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/08/15 12:32 a.m.15 views

CVE-2025-8991 linlinjava litemall Business Logic express logic error

A vulnerability was identified in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file /admin/config/express of the component Business Logic Handler. The manipulation of the argument litemallexpressfreightmin leads to business logic errors. The...

5.3CVSS0.00299EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/08/15 12:32 a.m.4 views

CVE-2025-8991 linlinjava litemall Business Logic express logic error

A vulnerability was identified in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file /admin/config/express of the component Business Logic Handler. The manipulation of the argument litemallexpressfreightmin leads to business logic errors. The...

5.3CVSS7.1AI score0.00299EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/08/15 12:0 a.m.5 views

litemall 安全漏洞

litemall is a small mall system for linlinjava individual developers. A security vulnerability exists in linlinjava litemall version 1.8.0 and earlier, which stems from a business logic error due to incorrect operation of the parameter litemallexpressfreightmin in the file /admin/config/express...

5.3CVSS6.7AI score0.00299EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/08/15 12:0 a.m.6 views

PT-2025-33423 · Linlinjava · Litemall

Name of the Vulnerable Software and Affected Versions: linlinjava litemall versions up to 1.8.0 Description: A vulnerability was identified in linlinjava litemall. The issue affects an unknown functionality within the /admin/config/express file of the Business Logic Handler component. Manipulatio...

5.3CVSS4.4AI score0.00299EPSS
Exploits1References9
Cvelist
Cvelist
added 2025/06/07 8:22 a.m.25 views

CVE-2025-5303 LTL Freight Quotes – Freightview Edition <= 1.0.11, LTL Freight Quotes – Daylight Edition <=2.2.6 and LTL Freight Quotes – Day & Ross Edition <= 2.1.10 - Unauthenticated Stored Cross-Site Scripting via `expiry_date` Parameter

The LTL Freight Quotes – Freightview Edition, LTL Freight Quotes – Daylight Edition and LTL Freight Quotes – Day & Ross Edition plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the expirydate parameter in all versions up to, and including, 1.0.11, 2.2.6 and 2.1.10...

7.2CVSS0.00284EPSS
Exploits0References5
CVE
CVE
added 2025/06/07 8:22 a.m.70 views

CVE-2025-5303

CVE-2025-5303 affects three WordPress plugins: LTL Freight Quotes – Freightview Edition, LTL Freight Quotes – Daylight Edition, and LTL Freight Quotes – Day & Ross Edition. The issue is Stored Cross-Site Scripting via the expiry_date parameter in all versions up to 1.0.11 (Freightview Edition), 2...

7.2CVSS6.3AI score0.00284EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/06/07 8:22 a.m.2 views

CVE-2025-5303 LTL Freight Quotes – Freightview Edition <= 1.0.11, LTL Freight Quotes – Daylight Edition <=2.2.6 and LTL Freight Quotes – Day & Ross Edition <= 2.1.10 - Unauthenticated Stored Cross-Site Scripting via `expiry_date` Parameter

The LTL Freight Quotes – Freightview Edition, LTL Freight Quotes – Daylight Edition and LTL Freight Quotes – Day & Ross Edition plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the expirydate parameter in all versions up to, and including, 1.0.11, 2.2.6 and 2.1.10...

7.2CVSS6.4AI score0.00284EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/06/07 12:0 a.m.4 views

WordPress plugin LTL Freight Quotes – Day & Ross Edition和WordPress plugin LTL Freight Quotes – Daylight Edition 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

7.2CVSS6.4AI score0.00284EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/06/07 12:0 a.m.9 views

PT-2025-24336 · Unknown · Ltl Freight Quotes – Daylight Edition +2

Name of the Vulnerable Software and Affected Versions: LTL Freight Quotes – Freightview Edition versions 1.0.11 and earlier LTL Freight Quotes – Daylight Edition versions 2.2.6 and earlier LTL Freight Quotes – Day & Ross Edition versions 2.1.10 and earlier Description: The issue is related to...

7.2CVSS6.3AI score0.00284EPSS
Exploits0References12
Patchstack
Patchstack
added 2025/06/06 9:41 p.m.8 views

WordPress LTL Freight Quotes – Daylight Edition plugin <= 2.2.6 - Unauthenticated Stored Cross-Site Scripting via `expiry_date` Parameter vulnerability

Unauthenticated Stored Cross-Site Scripting via expirydate Parameter vulnerability discovered by sterva in WordPress Plugin LTL Freight Quotes – Daylight Edition versions = 2.2.6...

7.2CVSS5.4AI score0.00284EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/06 9:41 p.m.6 views

WordPress LTL Freight Quotes – Day & Ross Edition plugin <= 2.1.10 - Unauthenticated Stored Cross-Site Scripting via `expiry_date` Parameter vulnerability

Unauthenticated Stored Cross-Site Scripting via expirydate Parameter vulnerability discovered by sterva in WordPress Plugin LTL Freight Quotes – Day & Ross Edition versions = 2.1.10...

7.2CVSS5.4AI score0.00284EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/06/06 9:41 p.m.6 views

WordPress LTL Freight Quotes – Freightview Edition plugin <= 1.0.11 - Unauthenticated Stored Cross-Site Scripting via `expiry_date` Parameter vulnerability

Unauthenticated Stored Cross-Site Scripting via expirydate Parameter vulnerability discovered by sterva in WordPress Plugin LTL Freight Quotes – Freightview Edition versions = 1.0.11...

7.2CVSS5.4AI score0.00284EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder