Lucene search
K

148 matches found

RedhatCVE
RedhatCVE
added 2026/03/04 1:56 a.m.6 views

CVE-2025-50194

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /main/cron/lang/checkparselang.php. This issue has been patched in version 1.11.30...

7.2CVSS5.9AI score0.02603EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/02 3:16 p.m.3 views

CVE-2025-50194 Chamilo: OS Command Injection in /main/cron/lang/check_parse_lang.php

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /main/cron/lang/checkparselang.php. This issue has been patched in version 1.11.30...

7.1CVSS5.9AI score0.02603EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/01/27 11:57 a.m.7 views

CVE-2025-12387 Denial of Service in Pix-Link LV-WR21Q

A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service DoS by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes...

6.9CVSS6AI score0.00659EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/17 9:30 p.m.3 views

EUVD-2025-203932

A local file inclusion LFI vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the adminlanguagefile and defaultpagelanguagefile in the admin.php component...

6.1AI score0.01098EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/12/17 12:0 a.m.3 views

CVE-2025-67174

A local file inclusion LFI vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the adminlanguagefile and defaultpagelanguagefile in the admin.php component...

6.2AI score0.01098EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/17 12:0 a.m.22 views

CVE-2025-67174

A local file inclusion LFI vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the adminlanguagefile and defaultpagelanguagefile in the admin.php component...

0.01098EPSS
Exploits1References4
CVE
CVE
added 2025/12/17 12:0 a.m.11 views

CVE-2025-67174

RiteCMS v3.1.0 contains a local file inclusion (LFI) vulnerability in the admin.php component, exploitable via directory traversal in admin_language_file and default_page_language_file. The issue allows an attacker to read arbitrary files on the host. Multiple connected sources (CNVD-2026-05343, ...

7.5CVSS6.2AI score0.01098EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/17 12:0 a.m.7 views

PT-2025-51865

A local file inclusion LFI vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the admin language file and default page language file in the admin.php component...

6.6AI score0.01098EPSS
Exploits1References5
OSV
OSV
added 2025/12/17 12:0 a.m.5 views

CVE-2025-67174

A local file inclusion LFI vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the adminlanguagefile and defaultpagelanguagefile in the admin.php component...

6.2CVSS6.5AI score0.01098EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.4 views

Ruijie RG-YST 安全漏洞

Ruijie RG-YST is a series of wireless bridges from China Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-YST AP3.01B11P280YST250F version, which originates from an unvalidated input to the pwdmodify function in the file /usr/lib/lua/luci/modules/common.lua, which could lead to an ...

8.8CVSS7.2AI score0.01507EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/11/11 8:55 a.m.4 views

grub2: grub-core/gettext: Integer overflow leads to Heap OOB Write.

A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grubgettextgetstrfromposition may overflow, leading to a Out-of-bound write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data, eventually leading to the...

6.7CVSS5.8AI score0.00231EPSS
Exploits0References4
Snyk
Snyk
added 2025/11/06 4:47 p.m.9 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the upload, create, and rename features for files with HTML and SVG types, due to insufficient content-type validation and lack of output sanitization. An attacker can execute arbitrary scripts in the contex...

8.1CVSS5.5AI score0.00361EPSS
Exploits2References2
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.3 views

WordPress plugin Greenify 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

8.1CVSS6.6AI score0.00488EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-13463

Malware in sbrugna...

6.7CVSS6.6AI score0.00309EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-3710

Malware in sbrugna...

7.5CVSS6.4AI score0.02618EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-30086

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.01664EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-17280

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.00568EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-17279

Malicious code in bioql PyPI...

8.2CVSS8.1AI score0.00448EPSS
Exploits0References1
NVD
NVD
added 2025/09/04 12:15 p.m.7 views

CVE-2025-41041

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'datacode', 'datalang0key', 'datalang0value', 'datalang1key' and 'datatitle' parameters in /apprain/developer/language/default.x...

5.4CVSS0.00162EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/05/30 12:0 a.m.7 views

The vulnerability of the check_language_file() function in Netgear’s JWNR2000v2 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the checklanguagefile function in Netgear JWNR2000v2 router microprogramming software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

9CVSS7.6AI score0.00884EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder