Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.7 views

PT-2026-32675

Name of the Vulnerable Software and Affected Versions PowerChute Serial Shutdown affected versions not specified Description Improper validation of specified quantity in input occurs when a Web Admin user alters the payload of the 'POST /logsettings' request. This issue can lead to Event and Data...

5.3CVSS5.8AI score0.0017EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/05/04 2:24 a.m.2 views

SUSE CVE-2024-4216

pgAdmin = 8.5 is affected by XSS vulnerability in /settings/store API response json payload. This vulnerability allows attackers to execute malicious script at the client end...

5.8CVSS6.6AI score0.00461EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2023/08/22 7:16 p.m.4 views

CVE-2023-39599

Cross-Site Scripting XSS vulnerability in CSZ CMS v.1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Social Settings parameter...

5.4CVSS6.2AI score0.00492EPSS
Exploits1References3
wpexploit
wpexploit
added 2022/09/15 12:0 a.m.151 views

Advanced Comment Form < 1.2.1 - Admin+ Authenticated Stored XSS

The plugin does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. In the settings of the plugin, add the following payload to the text before the form:...

4.8CVSS0.5AI score0.0047EPSS
Exploits2
OSV
OSV
added 2019/05/09 11:29 p.m.4 views

CVE-2019-11869

The Yuzo Related Posts plugin 5.12.94 for WordPress has XSS because it mistakenly expects that isadmin verifies that the request comes from an admin user it actually only verifies that the request is for an admin page. An unauthenticated attacker can inject a payload into the plugin settings, suc...

6.1CVSS6.4AI score0.05331EPSS
Exploits1References3
Rows per page
Query Builder