Lucene search
+L

38 matches found

CVE
CVE
added 2025/09/19 12:0 a.m.22 views

CVE-2025-54761

CVE-2025-54761 affects PPress CMS 0.0.9 and involves a flaw where a crafted session cookie can lead to elevated privileges. The CVE is tracked across multiple feeds (Red Hat, NVD, osv.dev, CNNVD, etc.). The base CVSS v3.1 score is 8.0 (High) with Network attack vector, Low attack complexity, Priv...

8CVSS6.8AI score0.00298EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2025/09/19 12:0 a.m.14 views

CVE-2025-54761

An issue was discovered in PPress 0.0.9 allowing attackers to gain escilated privlidges via crafted session cookie...

0.00298EPSS
Exploits3References2
Cvelist
Cvelist
added 2025/09/19 12:0 a.m.11 views

CVE-2025-52159

Hardcoded credentials in default configuration of PPress 0.0.9...

0.00384EPSS
Exploits3References2
CVE
CVE
added 2025/09/19 12:0 a.m.24 views

CVE-2025-52159

CVE-2025-52159 affects PPress CMS (version 0.0.9; related note mentions 0.0.9-beta). The connected exploit documentation describes a chain leading to remote code execution via server-side template injection (SSTI) and highlights Broken/Incorrect Access Control enabling exploit progression. The ro...

8.8CVSS6.6AI score0.00384EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2025/09/19 12:0 a.m.14 views

CVE-2025-54815

Server-side template injection SSTI vulnerability in PPress 0.0.9 allows attackers to execute arbitrary code via crafted themes...

0.00556EPSS
Exploits3References2
OSV
OSV
added 2025/09/19 12:0 a.m.6 views

CVE-2025-54815

Server-side template injection SSTI vulnerability in PPress 0.0.9 allows attackers to execute arbitrary code via crafted themes...

8.8CVSS8AI score0.00556EPSS
Exploits3References4
OSV
OSV
added 2025/09/19 12:0 a.m.6 views

CVE-2025-54761

An issue was discovered in PPress 0.0.9 allowing attackers to gain escilated privlidges via crafted session cookie...

8CVSS6.9AI score0.00298EPSS
Exploits3References4
GithubExploit
GithubExploit
added 2025/06/02 8:6 a.m.86 views

Exploit for CVE-2025-52159

This vulnerability chains has been assigned the following CVE ID...

8.8CVSS8.7AI score0.00556EPSS
Exploits5
GithubExploit
GithubExploit
added 2025/06/02 8:6 a.m.95 views

Exploit for CVE-2025-52159

This vulnerability chains has been assigned the following CVE ID...

8.8CVSS8.7AI score0.00556EPSS
Exploits5
RedhatCVE
RedhatCVE
added 2025/02/22 12:32 a.m.5 views

CVE-2025-25973

A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title, article.category, and article.tags parameters...

6.5CVSS7AI score0.00495EPSS
Exploits1References1
NVD
NVD
added 2025/02/20 6:15 p.m.8 views

CVE-2025-25973

A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title, article.category, and article.tags parameters...

6.5CVSS0.00495EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/02/20 12:0 a.m.3 views

PPress 安全漏洞

PPress is a Python based blogging CMS system developed by yandaozi. A security vulnerability exists in PPress version 0.0.9, which stems from a stored cross-site scripting vulnerability in related recommendations, which allows remote attackers to execute arbitrary code...

6.5CVSS6.4AI score0.00495EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/02/20 12:0 a.m.4 views

CVE-2025-25973

A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title, article.category, and article.tags parameters...

6.5AI score0.00495EPSS
Exploits1References2
CVE
CVE
added 2025/02/20 12:0 a.m.60 views

CVE-2025-25973

CVE-2025-25973 affects Ppress v0.0.9 where a stored XSS flaw exists in the "related recommendations" feature. The vulnerability arises from crafted input to article.title, article.category, and article.tags, enabling a remote attacker to execute arbitrary code. Affected component is the related r...

6.5CVSS6.5AI score0.00495EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/20 12:0 a.m.4 views

PT-2025-7592 · Phpress · Ppress

Name of the Vulnerable Software and Affected Versions: Ppress version 0.0.9 Description: A stored Cross-Site Scripting vulnerability in the "related recommendations" feature allows a remote attacker to execute arbitrary code via a crafted script to the article.title, article.category, and...

6.5CVSS7AI score0.00495EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/02/20 12:0 a.m.12 views

CVE-2025-25973

A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title, article.category, and article.tags parameters...

0.00495EPSS
Exploits1References2
OSV
OSV
added 2025/02/20 12:0 a.m.3 views

CVE-2025-25973

A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title, article.category, and article.tags parameters...

6.5CVSS7AI score0.00495EPSS
Exploits1References4
OSV
OSV
added 2021/12/13 11:15 a.m.2 views

CVE-2021-24954

The User Registration, Login Form, User Profile & Membership WordPress plugin before 3.2.3 does not sanitise and escape the ppressccdata parameter before outputting it back in an attribute of an admin dashboard page, leading to a Reflected Cross-Site Scripting issue...

6.1CVSS5.8AI score0.00968EPSS
Exploits2References2
Rows per page
Query Builder