Lucene search
+L

256 matches found

NVD
NVD
added 2025/03/10 3:15 p.m.5 views

CVE-2025-26933

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Nitin Prakash WC Place Order Without Payment wc-place-order-without-payment allows PHP Local File Inclusion.This issue affects WC Place Order Without Payment: from n/a through =...

7.5CVSS0.00517EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 9:18 a.m.9 views

CVE-2024-56051

Improper Control of Generation of Code 'Code Injection' vulnerability in VibeThemes WPLMS wplmsplugin allows Code Injection.This issue affects WPLMS: from n/a through 1.9.9.5...

8.8CVSS7.2AI score0.0045EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:43 a.m.6 views

CVE-2024-50498

Improper Control of Generation of Code 'Code Injection' vulnerability in Ajit Bohra WP Query Console wp-query-console allows Code Injection.This issue affects WP Query Console: from n/a through = 1.0...

10CVSS7.4AI score0.5364EPSS
Exploits4References1
Vulnrichment
Vulnrichment
added 2025/02/04 7:20 a.m.7 views

CVE-2025-22204 Extension - regularlabs.com - Remote code execution vulnerability in the Sourcerer extensions < 12.0.0 for Joomla

Improper control of generation of code in the sourcerer extension for Joomla in versions before 11.0.0 lead to a remote code execution vulnerability...

8.1AI score0.00762EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.8 views

The vulnerability of the kernel component of the Linux operating system, which allows a hacker to cause a service failure

The vulnerability of the kernel component of the Linux operating system is related to improper control of resource identifiers. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.4CVSS5.5AI score0.00268EPSS
Exploits0References12Affected Software9
Vulnrichment
Vulnrichment
added 2025/01/09 7:27 p.m.6 views

CVE-2024-13274 Open Social - Moderately critical - Denial of Service - SA-CONTRIB-2024-038

Improper Control of Interaction Frequency vulnerability in Drupal Open Social allows Functionality Misuse.This issue affects Open Social: from 0.0.0 before 12.3.8, from 12.4.0 before 12.4.5...

7AI score0.00355EPSS
Exploits0References1
CVE
CVE
added 2025/01/09 7:27 p.m.52 views

CVE-2024-13274

CVE-2024-13274 affects Drupal Open Social, specifically versions prior to 12.3.8 and prior to 12.4.5. The root cause is improper validation of flood control limits on the password reset form, enabling potential abuse that could lead to a Denial of Service. Public references from Drupal advisories...

5.3CVSS6.7AI score0.00355EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/01/09 7:27 p.m.15 views

CVE-2024-13274 Open Social - Moderately critical - Denial of Service - SA-CONTRIB-2024-038

Improper Control of Interaction Frequency vulnerability in Drupal Open Social allows Functionality Misuse.This issue affects Open Social: from 0.0.0 before 12.3.8, from 12.4.0 before 12.4.5...

0.00355EPSS
Exploits0References1
OSV
OSV
added 2024/12/18 7:15 p.m.2 views

CVE-2024-56051

Improper Control of Generation of Code 'Code Injection' vulnerability in VibeThemes WPLMS allows Code Injection.This issue affects WPLMS: from n/a before 1.9.9.5...

8.8CVSS5.8AI score0.0045EPSS
Exploits0References1
NVD
NVD
added 2024/11/20 3:15 p.m.52 views

CVE-2024-10094

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...

9.8CVSS0.00463EPSS
Exploits0References1
OSV
OSV
added 2024/11/20 3:15 p.m.2 views

CVE-2024-10094

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...

9.8CVSS5.8AI score0.00463EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/20 2:45 p.m.48 views

CVE-2024-10094

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...

9.1CVSS0.00463EPSS
Exploits0References1
CVE
CVE
added 2024/10/28 7:53 p.m.51 views

CVE-2024-50436

CVE-2024-50436 is a Local File Inclusion vulnerability in the WordPress Theme Clean Retina (Theme Horse)

8.8CVSS5.9AI score0.00456EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/10/28 12:15 p.m.6 views

CVE-2024-50498

Improper Control of Generation of Code 'Code Injection' vulnerability in LUBUS WP Query Console allows Code Injection.This issue affects WP Query Console: from n/a through 1.0...

9.8CVSS5.8AI score0.5364EPSS
Exploits4References2
OSV
OSV
added 2024/10/28 12:15 p.m.5 views

CVE-2024-50492

Improper Control of Generation of Code 'Code Injection' vulnerability in Scott Paterson ScottCart allows Code Injection.This issue affects ScottCart: from n/a through 1.1...

9.8CVSS5.8AI score0.0135EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/10/28 12:0 a.m.14 views

PT-2024-34270 · Scottcart · Scottcart

Name of the Vulnerable Software and Affected Versions: ScottCart versions n/a through 1.1 Description: The issue is related to improper control of generation of code, also known as 'Code Injection'. This allows for code injection in ScottCart. Recommendations: For versions n/a through 1.1, consid...

9.8CVSS7AI score0.0135EPSS
Exploits1References8
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/24 4:9 p.m.31 views

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2024-6345 DESCRIPTION: pypa/setuptools could allow a...

8.8CVSS8.5AI score0.01939EPSS
Exploits1Affected Software1
CVE
CVE
added 2024/10/16 1:27 p.m.61 views

CVE-2024-49251

CVE-2024-49251 corresponds to a Local File Inclusion in the WordPress plugin Maan Addons For Elementor (

7.5CVSS5.9AI score0.00555EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/16 12:0 a.m.16 views

PT-2024-33392 · Sunjianle · Ajax-Extend

Name of the Vulnerable Software and Affected Versions: Sunjianle ajax-extend versions n/a through 1.0 Description: The issue is related to improper control of code generation, allowing code injection. This vulnerability exists in Sunjianle and affects the ajax-extend component. Recommendations: F...

10CVSS7.5AI score0.00537EPSS
Exploits0References7
ICS
ICS
added 2024/10/01 6:0 a.m.33 views

Optigo Networks ONS-S8 - Spectra Aggregation Switch

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Optigo Networks Equipment: ONS-S8 - Spectra Aggregation Switch Vulnerabilities: Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion', Weak...

9.8CVSS10AI score0.00696EPSS
Exploits0References10
Rows per page
Query Builder