Lucene search
K

88793 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:32 p.m.18 views

CVE-2023-4864

A vulnerability, which was classified as problematic, was found in SourceCodester Take-Note App 1.0. This affects an unknown part of the file index.php. The manipulation of the argument noteContent with the input leads to cross site scripting. It is possible to initiate the attack remotely. The...

6.1CVSS6.2AI score0.00542EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:31 p.m.7 views

CVE-2023-4173

A vulnerability, which was classified as problematic, was found in mooSocial mooStore 3.1.6. Affected is an unknown function of the file /search/index. The manipulation of the argument q leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this...

6.1CVSS6AI score0.03336EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:31 p.m.7 views

CVE-2023-4870

A vulnerability classified as problematic has been found in SourceCodester Contact Manager App 1.0. This affects an unknown part of the file index.php of the component Contact Information Handler. The manipulation of the argument contactID with the input " leads to cross site scripting. It is...

6.1CVSS6.2AI score0.00562EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:31 p.m.7 views

CVE-2023-4371

A vulnerability was found in phpRecDB 1.3.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument r/view leads to cross site scripting. The attack may be launched remotely. VDB-237194 is the identifier...

6.1CVSS6.1AI score0.00312EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:30 p.m.10 views

CVE-2023-40158

Hidden functionality vulnerability in the CBC products allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter its settings. As for the affected products/versions, see the detailed information provided by the vendor. Note that NR4H, NR8H, NR16H series and...

8.8CVSS7AI score0.00928EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:29 p.m.8 views

CVE-2023-40362

An issue was discovered in CentralSquare Click2Gov Building Permit before October 2023. Lack of access control protections allows remote attackers to arbitrarily delete the contractors from any user's account when the user ID and contractor information is known...

4.3CVSS6.8AI score0.00667EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:24 p.m.12 views

CVE-2018-14885

Incorrect access control in the database manager component in Odoo Community 10.0 and 11.0 and Odoo Enterprise 10.0 and 11.0 allows a remote attacker to restore a database dump without knowing the super-admin password. An arbitrary password succeeds...

9.8CVSS7.3AI score0.02224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:24 p.m.8 views

CVE-2018-14867

Incorrect access control in the portal messaging system in Odoo Community 9.0 and 10.0 and Odoo Enterprise 9.0 and 10.0 allows remote attackers to post messages on behalf of customers, and to guess document attribute values, via crafted parameters...

5.3CVSS7.1AI score0.01399EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:16 p.m.6 views

CVE-2018-10727

Reflected Cross-Site Scripting XSS vulnerability in the fabrikreferrer hidden field in the Fabrikar Fabrik component through v3.8.1 for Joomla! allows remote attackers to inject arbitrary web script via the HTTP Referer header...

6.1CVSS6AI score0.01047EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:16 p.m.9 views

CVE-2018-1000616

ONOS ONOS controller version 1.13.1 and earlier contains a XML External Entity XXE vulnerability in onos\drivers\utilities\src\main\java\org\onosproject\drivers\utilities\XmlConfigParser.java loadxml that can result in An adversary can remotely launch XXE attacks on ONOS controller via an...

9.8CVSS6.8AI score0.01407EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:12 p.m.14 views

CVE-2018-18878

In firmware version MS2.6.9900 of Columbia Weather MicroServer, the BACnet daemon does not properly validate input, which could allow a remote attacker to send specially crafted packets causing the device to become unavailable...

7.8CVSS7.1AI score0.02889EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:1 p.m.11 views

CVE-2018-19152

emercoin through 0.7 a chain-based proof-of-stake cryptocurrency allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim's disk and RAM...

7.5CVSS7AI score0.01296EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:0 p.m.7 views

CVE-2018-19156

PIVX through 3.1.03 a chain-based proof-of-stake cryptocurrency allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk...

7.5CVSS6.9AI score0.01296EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:0 p.m.8 views

CVE-2018-19345

The u3d plugin 9.3.0.10809 aka plugins\U3DBrowser.fpi in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service out-of-bounds read or obtain sensitive information via a U3D sample because of a "Read Access Violation near NULL starting at...

7.1CVSS7AI score0.01653EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:0 p.m.8 views

CVE-2018-19153

particl through 0.17 a chain-based proof-of-stake cryptocurrency allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim's disk and RAM...

7.5CVSS7AI score0.01296EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:59 a.m.7 views

CVE-2018-19203

PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated attackers to terminate the PRTG Core Server Service via a special HTTP request...

7.5CVSS7AI score0.02805EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:58 a.m.7 views

CVE-2018-19922

Persistent Cross-Site Scripting XSS in the advancedsetupwebsiteblocking.html Website Blocking page of the Actiontec C1000A router with firmware through CAC004-31.30L.95 allows a remote attacker to inject arbitrary HTML into the Website Blocking page by inserting arbitrary HTML into the 'TodUrlAdd...

6.1CVSS6AI score0.0083EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:58 a.m.8 views

CVE-2018-19151

qtum through 0.16 a chain-based proof-of-stake cryptocurrency allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim's disk and RAM...

7.5CVSS7AI score0.01296EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:54 a.m.7 views

CVE-2009-4233

Cross-site scripting XSS vulnerability in modules/modyjwhois.php in the YJ Whois component 1.0x and 1.5.x for Joomla! allows remote attackers to inject arbitrary web script or HTML via the domain parameter to index.php. NOTE: some of these details are obtained from third party information...

4.3CVSS6AI score0.01022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:54 a.m.9 views

CVE-2009-4710

SQL injection vulnerability in the Reset backend password cwtresetbepassword extension 1.20 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9.1AI score0.0106EPSS
Exploits0References1
Rows per page
Query Builder