Lucene search
K

8 matches found

EUVD
EUVD
added 2026/03/05 6:30 a.m.6 views

EUVD-2025-208301

Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Lendiz lendiz allows Upload a Web Shell to a Web Server.This issue affects Lendiz: from n/a through 2.0.1...

9.9CVSS5.9AI score0.00447EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/20 3:46 p.m.23 views

CVE-2025-68549 WordPress Wiguard theme < 2.0.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Wiguard wiguard allows Upload a Web Shell to a Web Server.This issue affects Wiguard: from n/a through 2.0.1...

9.9CVSS0.00434EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/07 12:0 a.m.2 views

PT-2025-4578 · Unknown · Prayer Times Anywhere

Name of the Vulnerable Software and Affected Versions: Prayer Times Anywhere versions prior to 2.0.1 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...

7.1CVSS6.9AI score0.00168EPSS
Exploits0References4
OSV
OSV
added 2023/09/27 3:19 p.m.1 views

UBUNTU-CVE-2023-43646

get-func-name is a module to retrieve a function's name securely and consistently both in NodeJS and the browser. Versions prior to 2.0.1 are subject to a regular expression denial of service redos vulnerability which may lead to a denial of service when parsing malicious input. This vulnerabilit...

8.6CVSS6.7AI score0.01114EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/03/05 12:0 a.m.4 views

json-logic-js 命令注入漏洞

json-logic-js is an application by Jeremy Wadhams personal developer. It is used to build complex rules, serialize them to JSON, and execute them in JavaScript. A command injection vulnerability exists in versions of json-logic-js prior to 2.0.1, which stems from the presence of a command injecti...

9.8CVSS6.5AI score0.02271EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/06/30 12:0 a.m.5 views

opensearch-ruby 代码问题漏洞

opensearch-ruby is an open source Ruby client for OpenSearch from opensearch-project. A code issue vulnerability exists in opensearch-ruby that stems from the use of the ruby YAML.load function instead of YAML.safeload in versions prior to 2.0.1. As a result, opensearch-ruby 2.0.0 and earlier may...

8.8CVSS8.1AI score0.01501EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/03/24 12:0 a.m.6 views

Xavier Hahn vscode-matlab 默认配置问题漏洞

Xavier Hahn vscode-matlab is an open source application by Xavier Hahn. MATLAB extension before 2.0.1 suffers from a Default Configuration Issue vulnerability that can be exploited by an attacker to execute arbitrary code via a crafted workspace...

9.8CVSS8.8AI score0.0203EPSS
Exploits0References5
CNVD
CNVD
added 2016/08/11 12:0 a.m.3 views

IBM Rational Publishing Engine Cross-Site Scripting Vulnerability

IBM Rational Publishing Engine is the U.S. IBM company's set of specialized for the product development process involves documents, reports for automated generation, publishing tools. A cross-site scripting vulnerability exists in ifix002 versions of IBM Rational Publishing Engine prior to 2.0.1,...

5.4CVSS5.7AI score0.00615EPSS
Exploits0References1
Rows per page
Query Builder