Lucene search
K

8 matches found

CVE
CVE
added 10 hours ago8 views

CVE-2026-15186

The CVE-2026-15186 vulnerability affects macrozheng mall (up to version 1.0.3) in the Portal Endpoint’s /returnApply/create function, where manipulating the orderId can lead to improper control of resource identifiers. This is a network-exposed issue with a low- to medium-severity CVSS range (bas...

6.5CVSS6.3AI score
Exploits0References6
Cvelist
Cvelist
added 10 hours ago10 views

CVE-2026-15186 macrozheng mall Portal Endpoint create resource injection

A vulnerability was identified in macrozheng mall up to 1.0.3. This impacts an unknown function of the file /returnApply/create of the component Portal Endpoint. The manipulation of the argument orderId leads to improper control of resource identifiers. The attack can be initiated remotely. The...

6.5CVSS
Exploits0References6
EUVD
EUVD
added 10 hours ago5 views

EUVD-2026-42585

A vulnerability was identified in macrozheng mall up to 1.0.3. This impacts an unknown function of the file /returnApply/create of the component Portal Endpoint. The manipulation of the argument orderId leads to improper control of resource identifiers. The attack can be initiated remotely. The...

6.5CVSS6.3AI score
Exploits0References6
NVD
NVD
added 2026/02/25 7:43 p.m.8 views

CVE-2026-24890

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an authorization bypass vulnerability in the patient portal signature endpoint allows authenticated portal users to upload and overwrite provider signatures by setting...

8.1CVSS0.00239EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/11/25 12:0 a.m.6 views

PT-2025-48088

Name of the Vulnerable Software and Affected Versions Ruckus Unleashed version 200.13.6.1.319 Description A reflected Cross Site Scripting XSS issue exists in Ruckus Unleashed. The issue is located in the captive-portal endpoint ''selfguestpass/guestAccessSubmit.jsp'' and is triggered through...

6.1CVSS6.1AI score0.00192EPSS
Exploits4References7
CNNVD
CNNVD
added 2025/11/25 12:0 a.m.4 views

CommScope Ruckus Unleashed 安全漏洞

CommScope Ruckus Unleashed is a wireless router from CommScope USA. A security vulnerability exists in CommScope Ruckus Unleashed version 200.13.6.1.319, which stems from improper handling of the parameter name in the captive-portal endpoint selfguestpass/guestAccessSubmit.jsp, which could lead t...

6.1CVSS5.9AI score0.00192EPSS
Exploits4References3
CVE
CVE
added 2025/11/25 12:0 a.m.18 views

CVE-2025-63735

Vulnerability : CVE-2025-63735 describes a reflected XSS in Ruckus Unleashed v200.13.6.1.319. The issue is triggered via the query parameter named name on the captive-portal endpoint at /selfguestpass/guestAccessSubmit.jsp , with the application reflecting unsanitized input back to the page. Impa...

6.1CVSS5.7AI score0.00192EPSS
Exploits4References2Affected Software1
CNNVD
CNNVD
added 2025/08/30 12:0 a.m.11 views

O2OA 安全漏洞

O2OA is an enterprise application development platform from O2OA Open Source. A security vulnerability exists in O2OA version 10.0-410 and earlier, which originates from cross-site scripting due to incorrect manipulation of parameters in the file /xportalassembledesigner/jaxrs/page...

5.4CVSS4.4AI score0.00371EPSS
Exploits1References7
Rows per page
Query Builder