Lucene search
K

217 matches found

Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.8 views

PT-2026-2982

Name of the Vulnerable Software and Affected Versions WP-Members Membership Plugin versions up to and including 3.5.4.3 Description The WP-Members Membership Plugin for WordPress is susceptible to Stored Cross-Site Scripting through the Multiple Checkbox and Multiple Select user profile fields...

5.4CVSS5.6AI score0.00187EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/09 9:27 a.m.6 views

CVE-2023-31073

Missing Authorization vulnerability in Jose Vega Display custom fields in the frontend – Post and User Profile Fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Display custom fields in the frontend – Post and User Profile Fields: from n/a through...

4.3CVSS8.5AI score0.00419EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/11 9:34 p.m.21 views

CVE-2024-58289 Microweber 2.0.15 Stored Cross-Site Scripting via User Profile Fields

Microweber 2.0.15 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts into user profile fields. Attackers can input script payloads in the first name field that will execute when the profile is viewed by other users, potentially...

5.3CVSS0.00222EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/11 9:34 p.m.2 views

CVE-2024-58289 Microweber 2.0.15 Stored Cross-Site Scripting via User Profile Fields

Microweber 2.0.15 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts into user profile fields. Attackers can input script payloads in the first name field that will execute when the profile is viewed by other users, potentially...

5.3CVSS5.8AI score0.00222EPSS
Exploits1References4
CVE
CVE
added 2025/12/11 9:34 p.m.8 views

CVE-2024-58289

CVE-2024-58289 describes a stored cross-site scripting (XSS) in Microweber 2.0.15, where an authenticated attacker can inject script payloads into user profile fields (notably the First Name) that execute when other users view the profile. Multiple connected sources confirm the vulnerability and ...

5.4CVSS5.8AI score0.00222EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.5 views

Microweber 跨站脚本漏洞

Microweber is Microweber open source online store management system that provides drag and drop functionality. The system includes modules for adding products, images and more. A cross-site scripting vulnerability exists in Microweber version 2.0.15, which stems from the presence of stored...

5.4CVSS6.1AI score0.00222EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/08 12:30 a.m.4 views

EUVD-2025-201618

A vulnerability was found in code-projects Chamber of Commerce Membership Management System 1.0. Impacted is an unknown function of the file /membershipprofile.php of the component Your Info Handler. Performing manipulation of the argument Full Name/Address/City/State results in cross site...

4.8CVSS5.2AI score0.00188EPSS
Exploits0References6
OSV
OSV
added 2025/12/01 3:15 p.m.7 views

CVE-2025-63527

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and hprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript...

5.4CVSS5.7AI score0.0028EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/10/31 12:0 a.m.13 views

PT-2025-44661

Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.4.3.35 through 7.4.3.111 Liferay DXP versions 2023.Q3.1 through 2023.Q3.10 Liferay DXP versions 2023.Q4.0 through 2023.Q4.10 Liferay Portal versions 7.4 update 35 through update 92 Description The software contains...

6.1CVSS6.3AI score0.00214EPSS
Exploits0References14
Cvelist
Cvelist
added 2025/10/08 12:0 a.m.9 views

CVE-2025-60318

SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting XSS in /admin/profile.php via the fname First Name and lname Last Name fields...

0.00225EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-6247

Malware in sbrugna...

5.4CVSS5.5AI score0.00669EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-1810

Malware in sbrugna...

1.9CVSS6.4AI score0.00433EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2006-1811

Malware in sbrugna...

6.4CVSS6.4AI score0.01061EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-5539

Malware in sbrugna...

2.6CVSS6.4AI score0.01028EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-6751

Malware in sbrugna...

5.4CVSS5.4AI score0.01604EPSS
Exploits5References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-6804

Malware in sbrugna...

6.1CVSS6.6AI score0.01952EPSS
Exploits3References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2004-1919

Malware in sbrugna...

7.5CVSS6.4AI score0.07466EPSS
Exploits3References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-8935

Malware in sbrugna...

5.4CVSS5.4AI score0.00727EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-8865

Malicious code in bioql PyPI...

2.7CVSS6.6AI score0.00256EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3929

Malicious code in bioql PyPI...

6.5CVSS6.8AI score0.01282EPSS
Exploits0References6
Rows per page
Query Builder