Lucene search
K

6271 matches found

OSV
OSV
added 2024/11/04 3:44 p.m.21 views

GO-2024-3235 Mattermost server allows authenticated user to delete arbitrary post in github.com/mattermost/mattermost-server

Mattermost server allows authenticated user to delete arbitrary post in github.com/mattermost/mattermost-server...

4.3CVSS4.8AI score0.0027EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/04 12:0 a.m.5 views

Chamilo LMS 安全漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS version 1.11.26, which stems...

5.4CVSS6.7AI score0.00176EPSS
Exploits1References2
Patchstack
Patchstack
added 2024/11/01 10:35 a.m.7 views

WordPress Featured Posts Scroll plugin <= 1.25 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

CSRF to Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Featured Posts Scroll versions = 1.25...

7.1CVSS5.9AI score0.00163EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/01 12:0 a.m.9 views

WordPress Featured Posts Scroll Plugin <= 1.25 is vulnerable to Cross Site Request Forgery (CSRF)

Software Featured Posts Scroll Type Plugin Vulnerable versions = 1.25 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-51647 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 4e8c9b0726a9 Credits SOPROBRO Require...

7.1CVSS6.7AI score0.00163EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.6 views

WordPress plugin YARPP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

9.8CVSS6.5AI score0.43585EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/31 12:22 p.m.4 views

WordPress Marquee Elementor with Posts plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin Marquee Elementor with Posts versions = 1.2.0...

6.5CVSS6.1AI score0.00234EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/31 12:0 a.m.14 views

WordPress Marquee Elementor with Posts Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Marquee Elementor with Posts Type Plugin Vulnerable versions = 1.2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51584 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0fd32696366c Credits Gab Required privilege...

6.5CVSS6.5AI score0.00234EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2024/10/30 7:6 a.m.8 views

CVE-2024-12084

creationtimestamp| type| source ---|---|--- 2024-10-30 07:06:34+00:00| seen| https://git.samba.org/?p=rsync.git;a=commit;h=0902b52f6687b1f7952422080d50b93108742e53 2024-11-05 20:01:03+00:00| seen| https://git.samba.org/?p=rsync.git;a=commit;h=42e2b56c4ede3ab164f9a5c6dae02aa84606a6c1 2025-01-14...

9.8CVSS7.1AI score0.72059EPSS
Exploits4References61
OSV
OSV
added 2024/10/29 8:15 a.m.5 views

CVE-2024-50052

Mattermost versions 9.10.x = 9.10.2, 9.11.x = 9.11.1, 9.5.x = 9.5.9 fail to check that the origin of the message in an integration action matches with the original post metadata which allows an authenticated user to delete an arbitrary post...

4.3CVSS7.8AI score
Exploits0References1
NVD
NVD
added 2024/10/28 6:15 p.m.18 views

CVE-2024-50464

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pierre Lebedel Kodex Posts likes kodex-posts-likes.This issue affects Kodex Posts likes: from n/a through = 2.5.0...

6.5CVSS0.00251EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/28 5:46 p.m.9 views

CVE-2024-50464 WordPress Kodex Posts likes plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pierre Lebedel Kodex Posts likes kodex-posts-likes.This issue affects Kodex Posts likes: from n/a through = 2.5.0...

6.5CVSS5.9AI score0.00251EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/28 5:46 p.m.30 views

CVE-2024-50464 WordPress Kodex Posts likes plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pierre Lebedel Kodex Posts likes kodex-posts-likes.This issue affects Kodex Posts likes: from n/a through = 2.5.0...

6.5CVSS0.00251EPSS
Exploits0References1
Circl
Circl
added 2024/10/28 1:56 a.m.40 views

CVE-2024-50623

creationtimestamp| type| source ---|---|--- 2024-10-28 01:56:29+00:00| seen| https://t.me/cvedetector/9080 2024-12-10 03:52:21+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113626496423360521 2024-12-10 03:57:59+00:00| seen|...

9.8CVSS7.6AI score0.98529EPSS
In wildExploits6References52
Positive Technologies
Positive Technologies
added 2024/10/28 12:0 a.m.4 views

PT-2024-34240 · Unknown · Kodex Posts Likes

Name of the Vulnerable Software and Affected Versions: Kodex Posts likes versions through 2.5.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For versio...

6.5CVSS5.7AI score0.00251EPSS
Exploits0References3
NVD
NVD
added 2024/10/24 7:15 p.m.13 views

CVE-2024-46996

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Blog posts feature. Version 5.1.2 fixes this issue...

6.3CVSS0.00303EPSS
Exploits0References2
NVD
NVD
added 2024/10/24 7:15 p.m.33 views

CVE-2024-46994

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue...

5.4CVSS0.0028EPSS
Exploits0References2
Snyk
Snyk
added 2024/10/24 6:44 p.m.4 views

Cross-site Scripting (XSS)

Overview baserproject/basercms is a Content management system based on CakePHP. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the blog posts and contents list feature. An attacker can manipulate web page content or redirect users to malicious websites. Details...

6.1CVSS5.3AI score0.0028EPSS
Exploits0References2
CVE
CVE
added 2024/10/24 6:35 p.m.47 views

CVE-2024-46996

baserCMS (CMS framework) has a Cross-site Scripting (XSS) vulnerability in the Blog posts feature affecting versions prior to 5.1.2. The issue is addressed by upgrading to a fixed release (5.1.2 or newer; some sources list 5.1.3 as the update path). Multiple connected advisories confirm the affec...

6.3CVSS5.6AI score0.00303EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/10/24 6:35 p.m.15 views

CVE-2024-46996 baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts Feature

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Blog posts feature. Version 5.1.2 fixes this issue...

6.3CVSS5.8AI score0.00303EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/10/24 6:22 p.m.32 views

CVE-2024-46994 baserCMS has Cross-site Scripting Vulnerability in Blog posts and Contents list Feature

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue...

5.4CVSS0.0028EPSS
Exploits0References2
Rows per page
Query Builder