Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:0 p.m.9 views

CVE-2026-33135

WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting XSS vulnerability in the novomemorandoo.php endpoint. An attacker can inject arbitrary JavaScript into the sccs GET parameter, which is directly echoed into the HTML response without...

9.3CVSS6AI score0.00224EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:0 p.m.4 views

CVE-2026-33136

WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting XSS vulnerability in the listarmemorandosativos.php endpoint. An attacker can inject arbitrary JavaScript or HTML tags into the sccd GET parameter, which is then directly echoed into...

9.3CVSS6AI score0.00214EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:8 a.m.12 views

CVE-2019-20221

In Support Incident Tracker SiT! 3.67, Load Plugins input in the config.php page is affected by XSS. The XSS payload is, for example, executed on the about.php page...

6.1CVSS6.1AI score0.00668EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:6 a.m.7 views

CVE-2019-20220

In Support Incident Tracker SiT! 3.67, the searchid parameter in the searchincidentsadvanced.php page is affected by XSS...

6.1CVSS6.9AI score0.00668EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/11/13 12:0 a.m.5 views

PT-2025-46815

Name of the Vulnerable Software and Affected Versions WebToffee Order Export & Order Import for WooCommerce versions through 2.6.7 Description The software contains a flaw related to incorrectly configured access control, allowing for unauthorized access. The issue impacts the Order Export & Orde...

4.3CVSS6.5AI score0.00181EPSS
Exploits0References3
NVD
NVD
added 2025/10/09 6:15 a.m.5 views

CVE-2025-7526

The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to arbitrary file deletion via renaming due to insufficient file path validation in the setuserprofileimage function in all versions up to, and including, 6.6.7. This makes it possible for...

9.8CVSS0.00834EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/03/31 2:4 p.m.4 views

WordPress WP Date and Time Shortcode plugin <= 2.6.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin WP Date and Time Shortcode versions = 2.6.7...

6.5CVSS6.1AI score0.00237EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/16 11:47 a.m.4 views

WordPress DirectoryPress plugin <= 3.6.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin DirectoryPress versions = 3.6.7...

7.1CVSS6.1AI score0.00374EPSS
Exploits0Affected Software1
OSV
OSV
added 2023/10/18 8:15 a.m.3 views

CVE-2023-45049

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Ciprian Popescu YouTube Playlist Player plugin = 4.6.7 versions...

5.4CVSS7.3AI score0.0031EPSS
Exploits0References1
OSV
OSV
added 2022/12/02 4:15 p.m.2 views

DEBIAN-CVE-2022-43272

DCMTK v3.6.7 was discovered to contain a memory leak via the TASCAssociation object...

7.5CVSS6.6AI score0.01568EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2021/07/16 12:0 a.m.2 views

PT-2021-7872 · Offis +5 · Dcmtk +5

Name of the Vulnerable Software and Affected Versions: OFFIS DCMTK versions prior to 3.6.7 Description: The issue is related to a NULL pointer dereference vulnerability while processing DICOM files, which may result in a denial-of-service condition. This vulnerability is associated with errors in...

9.8CVSS6.9AI score0.07629EPSS
Exploits10References100
OSV
OSV
added 2020/01/02 2:16 p.m.4 views

CVE-2019-20223

In Support Incident Tracker SiT! 3.67, the id parameter is affected by XSS on all endpoints that use this parameter, a related issue to CVE-2012-2235...

6.1CVSS6.4AI score0.00668EPSS
Exploits1References1
Rows per page
Query Builder