Lucene search
+L

3967 matches found

CNNVD
CNNVD
added 2026/06/06 12:0 a.m.12 views

WordPress plugin Quiz and Survey Master SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.9CVSS5.8AI score0.00352EPSS
Exploits0References13
Cvelist
Cvelist
added 2026/06/05 11:28 p.m.43 views

CVE-2026-6448 Quiz and Survey Master (QSM) <= 11.1.2 - Authenticated (Admin+) SQL Injection via 'order' and 'limit' Parameters

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'order' parameter in all versions up to, and including, 11.1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on...

4.9CVSS0.00352EPSS
Exploits0References12
Vulnrichment
Vulnrichment
added 2026/06/05 11:28 p.m.10 views

CVE-2026-6448 Quiz and Survey Master (QSM) <= 11.1.2 - Authenticated (Admin+) SQL Injection via 'order' and 'limit' Parameters

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'order' parameter in all versions up to, and including, 11.1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on...

4.9CVSS5.7AI score0.00352EPSS
Exploits0References12
ATTACKERKB
ATTACKERKB
added 2026/06/05 11:28 p.m.15 views

CVE-2026-6448

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'order' parameter in all versions up to, and including, 11.1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on...

4.9CVSS5.7AI score0.00352EPSS
Exploits0References13
CVE
CVE
added 2026/06/05 11:28 p.m.30 views

CVE-2026-6448

The CVE-2026-6448 entry concerns the WordPress plugin Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker. All versions up to 11.1.2 are listed as vulnerable to time-based blind SQL Injection via the order parameter due to insufficient escaping and improper query preparation. The issue enab...

4.9CVSS5.7AI score0.00352EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.9 views

CVE-2026-7510

A vulnerability was determined in OWAP DefectDojo up to 2.55.4. Affected by this vulnerability is an unknown functionality of the component Benchmark/Engagement/Product/Survey. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. The exploit has been...

6.5CVSS6.1AI score0.00281EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.22 views

PT-2026-47068

Name of the Vulnerable Software and Affected Versions Quiz and Survey Master QSM – Easy Quiz and Survey Maker versions prior to 11.1.3 Description The plugin is susceptible to time-based blind SQL Injection, a technique where an attacker asks the database true/false questions and determines the...

4.9CVSS5.6AI score0.00352EPSS
Exploits0References15
vulnersOsv
vulnersOsv
added 2026/06/03 9:14 p.m.7 views

auto-survey (>=0.1.0 <=0.2.5), gptparse (=0.3.0) +5 more potentially affected by CVE-2026-44022 via docling (>=2.73.1 <=2.90.0)

docling PYPI version =2.73.1, =0.1.0, =0.30.1, =0.6.2, =0.0.1, =0.0.1, =0.0.2 Source cves: CVE-2026-44022 Source advisory: OSV:GHSA-2J5P-7P5M-CVQR...

5.5CVSS5.7AI score0.00163EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/06/03 9:13 p.m.7 views

auto-survey (>=0.1.0 <=0.2.5), gptparse (=0.3.0) +12 more potentially affected by CVE-2026-44018 via docling (>=2.51.0 <=2.90.0)

docling PYPI version =2.51.0, =0.1.0, =0.19.2, =1.40.0, =0.6.2, =0.0.1, =0.3.0, =1.0.0, =1.6.2, =1.6.2, =0.2.4, =0.0.1, =0.0.2 Source cves: CVE-2026-44018 Source advisory: OSV:GHSA-R3XG-RG9J-67FV...

7.1CVSS5.7AI score0.00113EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/06/03 9:9 p.m.8 views

auto-survey (>=0.1.0 <=0.2.5), gptparse (=0.3.0) +5 more potentially affected by CVE-2026-44016 via docling (>=2.87.0 <=2.90.0)

docling PYPI version =2.87.0, =0.1.0, =0.40.0, =0.6.2, =0.0.1, =0.0.1, =0.0.2 Source cves: CVE-2026-44016 Source advisory: SNYK:PYTHON-DOCLING-17151857...

8.2CVSS5.7AI score0.00384EPSS
Exploits0
Patchstack
Patchstack
added 2026/06/03 10:5 a.m.11 views

WordPress Quiz And Survey Master plugin <= 11.1.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by endy in WordPress Plugin Quiz And Survey Master versions = 11.1.2...

7.1CVSS5.5AI score0.00175EPSS
Exploits1Affected Software1
Packet Storm News
Packet Storm News
added 2026/06/01 12:0 a.m.11 views

Human Factors in Cybersecurity in Icelandic Small and Medium-Sized Enterprises

Cybersecurity threats are increasing in all aspects of society due to the integration of digital systems into modern-day life and a volatile geo-political landscape. Technical factors are an ongoing arms race; however, the threat surface from human and social factors is still present, often...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/28 2:15 p.m.13 views

CVE-2026-9442

A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. Executing a manipulation of the argument selSSID can lead to buffer overflow. The attack can be launched remotely. Th...

9CVSS7.8AI score0.00589EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.14 views

CVE-2026-9427

A flaw has been found in Edimax EW-7438RPn 1.31. This impacts the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component webs. This manipulation of the argument selSSID/submit-url causes stack-based buffer overflow. The attack is possible to be carried out remotely. The...

9CVSS7.8AI score0.00445EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/25 8:30 a.m.10 views

CVE-2026-9442 Edimax BR-6478AC POST Request formiNICSiteSurvey buffer overflow

A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. Executing a manipulation of the argument selSSID can lead to buffer overflow. The attack can be launched remotely. Th...

9CVSS7.8AI score0.00589EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/25 8:30 a.m.25 views

EUVD-2026-31653

A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. Executing a manipulation of the argument selSSID can lead to buffer overflow. The attack can be launched remotely. Th...

9CVSS7.8AI score0.00589EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/25 8:30 a.m.14 views

CVE-2026-9442

A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. Executing a manipulation of the argument selSSID can lead to buffer overflow. The attack can be launched remotely. Th...

9CVSS7.8AI score0.00589EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/25 8:30 a.m.25 views

CVE-2026-9442

CVE-2026-9442 affects Edimax BR-6478AC devices running version 1.23, impacting the POST request handler function /goform/formiNICSiteSurvey. The vulnerability arises from a manipulation of the argument selSSID in formiNICSiteSurvey, leading to a buffer overflow. Exploitation is described as remot...

9CVSS7.8AI score0.00589EPSS
Exploits0References4
NVD
NVD
added 2026/05/25 5:16 a.m.13 views

CVE-2026-9427

A flaw has been found in Edimax EW-7438RPn 1.31. This impacts the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component webs. This manipulation of the argument selSSID/submit-url causes stack-based buffer overflow. The attack is possible to be carried out remotely. The...

9CVSS0.00445EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/25 4:45 a.m.12 views

CVE-2026-9427

A flaw has been found in Edimax EW-7438RPn 1.31. This impacts the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component webs. This manipulation of the argument selSSID/submit-url causes stack-based buffer overflow. The attack is possible to be carried out remotely. The...

9CVSS6.2AI score0.00445EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder