Lucene search
K

20 matches found

Positive Technologies
Positive Technologies
added 2025/04/03 12:0 a.m.4 views

PT-2025-14818 · Unknown · Projectworlds Online Doctor Appointment Booking System

Name of the Vulnerable Software and Affected Versions: projectworlds Online Doctor Appointment Booking System version 1.0 Description: A critical issue was found in the projectworlds Online Doctor Appointment Booking System. The vulnerability affects an unknown functionality of the file...

9.8CVSS7.8AI score0.00478EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2025/01/05 12:0 a.m.9 views

PT-2025-3801 · Codezips · Codezips Gym Management System

Name of the Vulnerable Software and Affected Versions: Codezips Gym Management System version 1.0 Description: A critical issue has been found in the Codezips Gym Management System, affecting an unknown functionality of the file /dashboard/admin/submit payments.php. The manipulation of the m id...

8.8CVSS7.2AI score0.00467EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2024/11/20 12:0 a.m.6 views

PT-2024-17026 · 115Cms · 115Cms

Name of the Vulnerable Software and Affected Versions: 115cms versions up to 20240807 Description: A vulnerability was found in the processing of the file /app/admin/view/web user.html, where the manipulation of the argument ks leads to cross-site scripting. The attack may be initiated remotely...

6.1CVSS4.2AI score0.00309EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/10/21 12:0 a.m.11 views

PT-2024-28779 · Unknown · Boa Web Server +1

Name of the Vulnerable Software and Affected Versions: Vilo 5 Mesh WiFi System versions 5.16.1.33 and earlier Description: The issue concerns a lack of authentication in the Boa webserver, allowing remote, unauthenticated attackers to retrieve logs containing sensitive system information...

5.3CVSS7.2AI score0.0044EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/10/06 12:0 a.m.9 views

PT-2024-32542 · Elementor · Elementsready Addons For Elementor

Name of the Vulnerable Software and Affected Versions: ElementsReady Addons for Elementor versions n/a through 6.4.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...

6.5CVSS5.7AI score0.00254EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/09/13 12:0 a.m.5 views

PT-2024-37781 · Tnb Mobile Solutions · Tnb Mobile Solutions Cockpit

Name of the Vulnerable Software and Affected Versions: TNB Mobile Solutions Cockpit Software versions prior to v2.13 Description: The issue is related to the use of hard-coded credentials in TNB Mobile Solutions Cockpit Software, allowing unauthorized access to read sensitive strings within an...

9.8CVSS6.9AI score0.00433EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/08/12 12:0 a.m.5 views

PT-2024-38071 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress versions up to, and including, 5.9.27 Description: The issue is related to Stored Cross-Site Scripting via the no more...

6.4CVSS5.9AI score0.00416EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.5 views

PT-2024-29006 · Netbox · Netbox

Name of the Vulnerable Software and Affected Versions: netbox version 4.0.3 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at "/dcim/interfaces/add/". Recommendations: For netbox versio...

7.1CVSS6AI score0.004EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.6 views

PT-2024-28718 · Unknown +1 · Opensearch +1

Name of the Vulnerable Software and Affected Versions: OpenSearch versions prior to 2.14 Description: An issue in the OpenSearch reporting plugin allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when accessi...

5.4CVSS7AI score0.00305EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2024/05/22 12:0 a.m.7 views

PT-2024-28414 · WordPress · Element Pack Elementor Addons

Name of the Vulnerable Software and Affected Versions: The Element Pack Elementor Addons plugin for WordPress versions up to, and including, 5.6.3 Description: The issue arises from the plugin not properly checking all variations of an administrator's email, allowing unauthenticated attackers to...

5.3CVSS7.1AI score0.00425EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/03/18 12:0 a.m.4 views

PT-2024-21309 · Fujian Kelixin · Fujian Kelixin Communication Command/Dispatch Platform

Name of the Vulnerable Software and Affected Versions: Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 Description: A critical issue has been found, affecting an unknown part of the file /api/client/editemedia.php. The manipulation of the enterprise uuid argument leads t...

9.8CVSS7.2AI score0.00549EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/03/13 12:0 a.m.4 views

PT-2024-18092 · Themeisle · Orbit Fox

Name of the Vulnerable Software and Affected Versions: The Orbit Fox by ThemeIsle plugin for WordPress versions up to, and including, 2.10.30 Description: The issue is related to Stored Cross-Site Scripting via the form widget addr2 width attribute due to insufficient input sanitization and outpu...

6.4CVSS8AI score0.00532EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/02/01 12:0 a.m.2 views

PT-2024-14023 · Ibm · Ibm Powersc

Name of the Vulnerable Software and Affected Versions: IBM PowerSC versions 1.3 through 2.1 Description: The issue is related to the lack of logout functionality, which could allow an authenticated user to gain access to an unauthorized user using session fixation. Recommendations: For IBM PowerS...

6.3CVSS5.5AI score0.00285EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/07/24 12:0 a.m.5 views

PT-2023-12954 · Nokia · Nokia Netact

Name of the Vulnerable Software and Affected Versions: Nokia NetAct version 22 Description: An issue was discovered in the Administration of Measurements website section, where a malicious user can edit or add the templateName parameter to include malicious code. This code is then downloaded as a...

8.8CVSS8.4AI score0.00859EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.2 views

PT-2023-34042 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.86 Description: The issue is related to a null pointer dereference in the hugetlbfs parse param function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kern...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/06/30 12:0 a.m.5 views

PT-2022-22356 · Jenkins · Jenkins Opsgenie Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins OpsGenie Plugin versions 1.9 and earlier Description: The issue concerns the transmission and storage of API keys in plain text. Specifically, API keys are transmitted in plain text as part of the global Jenkins configuration form and...

4.3CVSS4.3AI score0.00393EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/08/23 12:0 a.m.4 views

PT-2021-4449 · D Link · Dsr-500N

Name of the Vulnerable Software and Affected Versions: D-Link DSR-500N version 1.02 D-Link DSR-500N versions prior to 2.12/2 Description: The issue is related to hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. If an attacker recovers the cleartext password of the...

10CVSS7.1AI score0.02196EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2020/04/23 12:0 a.m.5 views

PT-2025-26460

Name of the Vulnerable Software and Affected Versions: Edimax EW-7438RPn versions 1.13 and prior Description: An OS command injection issue exists, allowing an authenticated attacker to inject shell commands and achieve arbitrary command execution as the root user. This is due to the improper...

9.4CVSS7.2AI score0.03859EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2019/09/10 12:0 a.m.4 views

PT-2019-3196 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue is related to a driver vulnerability in the ws2ifsl.sys Winsock component of the Windows operating system, which is associated with errors in processing objects in...

7.8CVSS6.5AI score0.19403EPSS
Exploits2References16
Positive Technologies
Positive Technologies
added 2009/07/29 12:0 a.m.5 views

PT-2009-3491

Name of the Vulnerable Software and Affected Versions Microsoft Visual Studio .NET versions 2003 SP1 through 2008 Microsoft Visual C++ versions 2005 SP1 through 2008 SP1 Windows versions 2000 SP4 through XP SP3, Server 2003 SP2, Vista Gold through SP2, and Server 2008 Gold through SP2 Description...

9.3CVSS6.7AI score0.42004EPSS
Exploits5References29
Rows per page
Query Builder