CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

RedhatCVE•added 2025/10/30 9:16 a.m.•7 views

CVE-2025-64194

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress Eduma eduma allows Stored XSS.This issue affects Eduma: from n/a through = 5.7.6...

6.5CVSS5.9AI score0.00166EPSS

Exploits0References1

RedhatCVE•added 2025/10/30 9:16 a.m.•4 views

CVE-2025-64195

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThimPress Eduma eduma allows PHP Local File Inclusion.This issue affects Eduma: from n/a through = 5.7.6...

7.5CVSS7.1AI score0.00393EPSS

Exploits0References1

EUVD•added 2025/10/29 9:30 a.m.•6 views

EUVD-2025-36629

7.6CVSS6.6AI score0.00393EPSS

Exploits0References2

EUVD•added 2025/10/29 9:30 a.m.•9 views

EUVD-2025-36630

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress Eduma eduma allows Stored XSS.This issue affects Eduma: from n/a through = 5.7.6...

6.5CVSS5.5AI score0.00166EPSS

Exploits0References2

NVD•added 2025/10/29 9:15 a.m.•8 views

CVE-2025-64194

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress Eduma eduma allows Stored XSS.This issue affects Eduma: from n/a through = 5.7.6...

6.5CVSS0.00166EPSS

Exploits0References1

NVD•added 2025/10/29 9:15 a.m.•11 views

CVE-2025-64195

7.5CVSS0.00393EPSS

Exploits0References1

Positive Technologies•added 2025/10/29 12:0 a.m.•5 views

PT-2025-44241

Name of the Vulnerable Software and Affected Versions ThimPress Eduma versions through 5.7.6 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Cross-site Scripting issue. This allows for Stored XSS attacks. The affected...

6.5CVSS5.6AI score0.00166EPSS

Exploits0References3

Positive Technologies•added 2025/10/29 12:0 a.m.•5 views

PT-2025-44242

Name of the Vulnerable Software and Affected Versions ThimPress Eduma versions through 5.7.6 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local files...

7.5CVSS6.5AI score0.00393EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•7 views

EUVD-2025-27956

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00224EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•7 views

EUVD-2024-35455

Malicious code in bioql PyPI...

7.1CVSS6.4AI score0.00288EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 6:17 p.m.•7 views

CVE-2025-39460

Missing Authorization vulnerability in ThimPress Eduma eduma allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eduma: from n/a through = 5.6.4...

5.3CVSS6.8AI score0.00224EPSS

Exploits0References1

NVD•added 2025/05/19 6:15 p.m.•11 views

CVE-2025-39460

Missing Authorization vulnerability in ThimPress Eduma eduma allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eduma: from n/a through = 5.6.4...

5.3CVSS0.00224EPSS

Exploits0References1

Positive Technologies•added 2025/05/19 12:0 a.m.•2 views

PT-2025-22045 · Thimpress · Thimpress Eduma

Name of the Vulnerable Software and Affected Versions: ThimPress Eduma versions n/a through 5.6.4 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions n/a through...

5.3CVSS6.1AI score0.00224EPSS

Exploits0References3

RedhatCVE•added 2025/02/04 10:13 p.m.•11 views

CVE-2024-35697

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ThimPress Eduma allows Reflected XSS.This issue affects Eduma: from n/a through 5.4.7...

7.1CVSS6.9AI score0.00288EPSS

Exploits0References1

OSV•added 2024/06/08 3:15 p.m.•3 views

CVE-2024-35697

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ThimPress Eduma allows Reflected XSS.This issue affects Eduma: from n/a through 5.4.7...

6.1CVSS5.8AI score0.00288EPSS

Exploits0References1

NVD•added 2024/06/08 3:15 p.m.•27 views

CVE-2024-35697

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ThimPress Eduma allows Reflected XSS.This issue affects Eduma: from n/a through 5.4.7...

7.1CVSS0.00288EPSS

Exploits0References1

Vulnrichment•added 2024/06/08 2:20 p.m.•25 views

CVE-2024-35697 WordPress Eduma theme <= 5.4.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ThimPress Eduma allows Reflected XSS.This issue affects Eduma: from n/a through 5.4.7...

7.1CVSS7AI score0.00288EPSS

Exploits0References1

CVE•added 2024/06/08 2:20 p.m.•80 views

CVE-2024-35697

CVE-2024-35697 (Eduma WordPress theme) is a reflected XSS in Eduma, affecting versions n/a–5.4.7. The issue is a result of improper input neutralization during web page generation, enabling reflected XSS via user-supplied input. The CVE entry notes a patch status of Patched for Eduma

7.1CVSS6.7AI score0.00288EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2024/06/08 12:0 a.m.•4 views

PT-2024-26645 · Thimpress · Thimpress Eduma

Name of the Vulnerable Software and Affected Versions: ThimPress Eduma versions n/a through 5.4.7 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Reflected XSS. Recommendations: For versions n/a...

7.1CVSS6.5AI score0.00288EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by