Lucene search
K

19 matches found

Cvelist
Cvelist
added 2026/06/26 8:21 p.m.38 views

CVE-2026-48778 Notepad++: Arbitrary Code Execution via config.xml commandLineInterpreter

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag in config.xml is read by NppXml::value Parameters.cpp:6430 and stored in nppGUI.commandLineInterpreter without any validation, whitelist, or digital signature check. When the user triggers IDMFILEOPENCMD File → Open...

7.8CVSS0.01314EPSS
Exploits5References2
EUVD
EUVD
added 2025/12/18 9:30 a.m.5 views

EUVD-2025-204087

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in 8theme XStore xstore allows PHP Local File Inclusion.This issue affects XStore: from n/a through 9.6.1...

7.5CVSS6.6AI score0.00381EPSS
Exploits0References2
NVD
NVD
added 2025/12/18 8:16 a.m.5 views

CVE-2025-64191

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore xstore allows Reflected XSS.This issue affects XStore: from n/a through 9.6.1...

7.1CVSS0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 7:22 a.m.1 views

CVE-2025-64193 WordPress XStore theme < 9.6.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in 8theme XStore xstore allows PHP Local File Inclusion.This issue affects XStore: from n/a through 9.6.1...

7.5CVSS5.9AI score0.00381EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/18 7:22 a.m.31 views

CVE-2025-64191 WordPress XStore theme < 9.6.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore xstore allows Reflected XSS.This issue affects XStore: from n/a through 9.6.1...

7.1CVSS0.0018EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/08 12:0 a.m.5 views

SLiMS 9 Bulian 安全漏洞

SLiMS 9 Bulian is a free and open source software from the SLiMS community in Indonesia. It is used for library resource management e.g. books, journals, digital files and other library materials and administration. A security vulnerability exists in SLiMS 9 Bulian version 9.6.1, which originates...

6.5CVSS7.7AI score0.00268EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/05/08 12:0 a.m.5 views

SLiMS 9 Bulian 安全漏洞

SLiMS 9 Bulian is a free and open source software from the SLiMS community in Indonesia. It is used for library resource management e.g. books, journals, digital files and other library materials and administration. A security vulnerability exists in SLiMS 9 Bulian version 9.6.1, which originates...

6.5CVSS7.7AI score0.00268EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.4 views

SLiMS 9 Bulian 安全漏洞

SLiMS 9 Bulian is a free and open source software from the SLiMS community in Indonesia. It is used for library resource management e.g. books, journals, digital files and other library materials and administration. A security vulnerability exists in SLiMS 9 Bulian version 9.6.1, which stems from...

6.7CVSS7.9AI score0.00604EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/05/26 12:0 a.m.9 views

PT-2024-26924 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 8.1.x through 8.1.12 Mattermost versions 9.5.x through 9.5.3 Mattermost versions 9.6.x through 9.6.1 Description: The issue is related to a failure in enforcing proper access controls, allowing users to view arbitrary post...

3.1CVSS7.1AI score0.00258EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/26 12:0 a.m.7 views

PT-2024-35417 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 8.1.x through 8.1.12 Mattermost versions 9.5.x through 9.5.3 Mattermost versions 9.6.x through 9.6.1 Description: The issue is related to the "custom playbooks playbook run updated" webhook event, where guests on a channel...

4.3CVSS7.1AI score0.00282EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/02/21 12:0 a.m.4 views

PT-2024-20862 · Slims · Slims

Name of the Vulnerable Software and Affected Versions: SLIMS Senayan Library Management Systems 9 Bulian version 9.6.1 Description: The issue is related to SQL Injection via the pop-scope-vocabolary.php file. This allows for potential exploitation. No information is provided about the estimated...

4.9CVSS8AI score0.00549EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/10/31 12:0 a.m.5 views

SLiMS 9 Bulian Security Vulnerability

SLiMS 9 Bulian is a free and open source software from the SLiMS community in Indonesia. It is used for library resource management e.g. books, journals, digital files and other library materials and administration. A security vulnerability exists in SLiMS 9 Bulian version v.9.6.1, which stems fr...

8.8CVSS8.3AI score0.01076EPSS
Exploits1References3
OSV
OSV
added 2022/08/27 12:0 a.m.2 views

GHSA-6278-2Q4M-CMF3 ZK Framework vulnerable to malicious POST

ZK Framework version 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader...

7.5CVSS5.9AI score0.95335EPSS
Exploits5References6
VulnCheck KEV
VulnCheck KEV
added 2021/12/16 12:0 a.m.4 views

VulnCheck KEV: CVE-2021-36888

Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise discovered in Image Hover Effects Ultimate versions = 9.6.1 WordPress plugin...

9.8CVSS7.3AI score0.0674EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/10/14 12:0 a.m.5 views

Yellowfin Business Intelligence Yellowfin 跨站脚本漏洞

Yellowfin is a business intelligence automated analytics, cross-vendor narrative and collaboration software suite. A stored cross-site scripting vulnerability exists in the video embedding feature in Yellowfin versions prior to 9.6.1. An attacker can exploit this vulnerability by sending a...

5.4CVSS5.3AI score0.01437EPSS
Exploits2References6
Positive Technologies
Positive Technologies
added 2021/10/14 12:0 a.m.5 views

PT-2021-21267 · Yellowfin · Yellowfin

Name of the Vulnerable Software and Affected Versions: Yellowfin versions prior to 9.6.1 Description: The issue allows enumeration and download of uploaded images through an Insecure Direct Object Reference vulnerability. This can be exploited by sending a specially crafted HTTP GET request to th...

7.5CVSS7.2AI score0.02991EPSS
Exploits2References8
OSV
OSV
added 2017/07/17 1:18 p.m.3 views

CVE-2017-3102

Adobe Connect versions 9.6.1 and earlier have a reflected cross-site scripting vulnerability. Successful exploitation could lead to a reflected cross-site scripting attack...

6.1CVSS5.7AI score0.02885EPSS
Exploits0References3
CNVD
CNVD
added 2017/07/14 12:0 a.m.3 views

Adobe Connect Clickjacking Vulnerability

Adobe Connect for Windows formerly known as Macromedia Breeze is the United States of America Odobie Adobe company's set of Windows-based enterprise-class network communication solutions. The program provides web conferencing, e-learning and webinar features. A clickjacking vulnerability exists i...

7.5CVSS7.5AI score0.05614EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2017/04/04 12:0 a.m.5 views

PT-2017-17652 · Riverbed · Riverbed Rios

Name of the Vulnerable Software and Affected Versions: Riverbed RiOS versions prior to 9.6.1 Description: The issue is related to a weak default password for the secure vault in Riverbed RiOS, which can be exploited by physically proximate attackers who have knowledge of the password algorithm an...

6.4CVSS7.4AI score0.00361EPSS
Exploits1References6
Rows per page
Query Builder