Lucene search
K

9 matches found

CNNVD
CNNVD
added 2025/11/21 12:0 a.m.4 views

WordPress plugin Shortcodes Bootstrap 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.9AI score0.00162EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/16 12:0 a.m.4 views

WordPress plugin AppMaps 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...

7.1CVSS8.6AI score0.0019EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/07 12:0 a.m.4 views

PT-2024-19789 · Visionos · Visionos

Name of the Vulnerable Software and Affected Versions: visionOS versions prior to 1.1 Description: A permissions issue was addressed to help ensure Personas are always protected. An unauthenticated user may be able to use an unprotected Persona. Recommendations: For versions prior to 1.1, update ...

6.2CVSS6.6AI score0.00268EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/12/01 12:0 a.m.4 views

ArslanSoft Education Portal SQL Injection Vulnerability

ArslanSoft Education Portal is an education portal from ArslanSoft, Inc. A SQL injection vulnerability exists in versions prior to ArslanSoft Education Portal v1.1, which stems from the presence of a SQL injection vulnerability...

9.8CVSS7.9AI score0.00788EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/12/01 12:0 a.m.7 views

PT-2023-32225

Name of the Vulnerable Software and Affected Versions ArslanSoft Education Portal versions prior to 1.1 Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

9.8CVSS7.4AI score0.00788EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/12/01 12:0 a.m.9 views

PT-2023-32228

Name of the Vulnerable Software and Affected Versions ArslanSoft Education Portal versions prior to 1.1 Description The issue allows for the unrestricted upload of files with dangerous types, enabling the reading of sensitive strings within an executable. Recommendations For versions prior to 1.1...

7.5CVSS7.1AI score0.00628EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/07/10 12:0 a.m.5 views

PT-2023-17426 · WordPress · Call Now Accessibility Button

Name of the Vulnerable Software and Affected Versions: Call Now Accessibility Button WordPress plugin versions prior to 1.1 Description: The issue allows high-privilege users to perform Stored Cross-Site Scripting XSS attacks due to improper sanitization of some settings. This can occur even when...

4.8CVSS4.8AI score0.00423EPSS
Exploits2References3
Cvelist
Cvelist
added 2022/06/30 7:25 p.m.21 views

CVE-2021-41995 PingID Mac Login prior to 1.1 vulnerable to pre-computed dictionary attacks

A misconfiguration of RSA in PingID Mac Login prior to 1.1 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass...

7.7CVSS7.7AI score0.00724EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2003/09/03 12:0 a.m.8 views

PT-2003-1784 · Apache · Apache Web Server

Name of the Vulnerable Software and Affected Versions: Docview versions prior to 1.1-18 Description: The issue allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules in the Apache web server configuration. Recommendations: For versio...

5CVSS6.8AI score0.01897EPSS
Exploits0References2
Rows per page
Query Builder