Lucene search
+L

45 matches found

patchstack
patchstack
added 2025/02/11 3:24 p.m.9 views

WordPress Easy Booked Plugin <= 2.4.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by l8BL Patchstack Alliance in WordPress Plugin Easy Booked – Appointment Booking and Scheduling Management System for WordPress versions = 2.4.5...

5.4CVSS6.9AI score0.00132EPSS
Exploits0Affected Software1
cnnvd
cnnvd
added 2024/08/20 12:0 a.m.6 views

WordPress plugin Chatbot with ChatGPT 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A security vulnerability...

9.8CVSS7.8AI score0.00739EPSS
Exploits1References2
patchstack
patchstack
added 2024/08/16 11:41 a.m.7 views

WordPress Clone plugin <= 2.4.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Clone versions = 2.4.5...

8.8CVSS7AI score0.0044EPSS
Exploits0Affected Software1
osv
osv
added 2024/08/14 12:35 p.m.5 views

GHSA-8W5F-8992-G86J Magento Improper Authorization vulnerability

Magento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information...

4.3CVSS6.6AI score0.00442EPSS
Exploits0References3
osv
osv
added 2024/06/14 12:15 a.m.6 views

CVE-2023-36504

Missing Authorization vulnerability in BBS e-Theme BBS e-Popup.This issue affects BBS e-Popup: from n/a through 2.4.5...

9.8CVSS7.3AI score0.00482EPSS
Exploits0References1
patchstack
patchstack
added 2024/06/12 8:17 a.m.5 views

WordPress Newsletter - API addon for Newsletter plugin <= 2.4.5 - Missing Authorization to Email Subscribers Management vulnerability

WordPress Newsletter - API addon for Newsletter plugin = 2.4.5 - Missing Authorization to Email Subscribers Management vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Newsletter - API addon Premium versions = 2.4.5...

6.5CVSS7AI score0.00317EPSS
Exploits0References1Affected Software1
vulncheck_kev
vulncheck_kev
added 2024/04/04 12:0 a.m.4 views

VulnCheck KEV: CVE-2024-20720

Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does not require user...

9.1CVSS8AI score0.03687EPSS
Exploits0References1
osv
osv
added 2024/02/15 1:39 p.m.5 views

CVE-2024-20716 Force high-usage of resources by generating unlimited coupons: Adobe Commerce

Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to an application denial-of-service. A high-privileged attacker could leverage this vulnerability to exhaust system resources, causing the applicatio...

4.9CVSS6AI score0.00874EPSS
Exploits0References3
cnnvd
cnnvd
added 2023/06/15 12:0 a.m.3 views

Adobe Commerce 代码问题漏洞

Adobe Commerce is a leading global digital commerce solution for merchants and brands from Adobe. A code issue vulnerability exists in Adobe Commerce that stems from the presence of a Server Request Forgery SSRF vulnerability. An attacker could exploit the vulnerability to read arbitrary system...

4.9CVSS5.7AI score0.00861EPSS
Exploits0References3
osv
osv
added 2023/05/10 9:15 a.m.4 views

CVE-2023-27455

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Maui Marketing Update Image Tag Alt Attribute plugin = 2.4.5 versions...

6.1CVSS6.8AI score0.00382EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2023/03/15 12:0 a.m.6 views

PT-2023-21019 · Jizhicms · Jizhicms

Name of the Vulnerable Software and Affected Versions: Jizhicms version 2.4.5 Description: An arbitrary file upload vulnerability in the CommonController.php component allows attackers to execute arbitrary code via a crafted phtml file. This issue is related to the admincCommonController.php...

7.2CVSS7.1AI score0.00951EPSS
Exploits1References6
susecve
susecve
added 2023/02/15 4:28 a.m.3 views

SUSE CVE-2018-9259

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the MP4 dissector could crash. This was addressed in epan/dissectors/file-mp4.c by restricting the box recursion depth...

5.3CVSS6.8AI score0.02317EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2023/02/03 12:0 a.m.6 views

PT-2023-12307 · Unknown · Jeecg-Boot

Name of the Vulnerable Software and Affected Versions: jeecg-boot versions 2.4.5 and earlier Description: The issue allows remote attackers to gain escalated privilege and view sensitive information. This is achieved via the "api uri:/sys/user/checkOnlyUser?username=admin" endpoint, where the...

7.5CVSS7.6AI score0.00801EPSS
Exploits0References5
osv
osv
added 2023/01/17 8:15 p.m.4 views

UBUNTU-CVE-2022-36760

Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions...

9CVSS6.7AI score0.01879EPSS
Exploits0References7
attackerkb
attackerkb
added 2022/09/17 8:15 p.m.2 views

CVE-2022-3232

Cross-Site Request Forgery CSRF in GitHub repository ikus060/rdiffweb prior to 2.4.5...

6.5CVSS6.4AI score0.00331EPSS
Exploits1References3
osv
osv
added 2022/06/09 5:15 p.m.4 views

DEBIAN-CVE-2022-26377

Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions...

7.5CVSS8.6AI score0.19008EPSS
Exploits1References1
circl
circl
added 2022/03/14 5:23 p.m.4 views

CVE-2022-24576

creationtimestamp| type| source ---|---|--- 2022-03-14 17:23:45+00:00| seen| https://t.me/cibsecurity/38885...

5.5CVSS6.5AI score0.0068EPSS
Exploits1References1
cnnvd
cnnvd
added 2022/03/14 12:0 a.m.4 views

Apache HTTP Server 环境问题漏洞

Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server is vulnerable to an environmental issue that results from Apache HTTP Server's inability to close inbound connections when dropping the body of a request, leading to request smuggling. The vulnerability...

9.8CVSS8.2AI score0.28189EPSS
Exploits0References53
vulnrichment
vulnrichment
added 2022/03/09 5:8 p.m.0 views

CVE-2022-24526 Visual Studio Code Spoofing Vulnerability

...

6.1CVSS6.6AI score0.01555EPSS
Exploits0References1
circl
circl
added 2021/11/08 8:29 p.m.8 views

CVE-2021-24575

creationtimestamp| type| source ---|---|--- 2021-11-08 20:29:26+00:00| seen| https://t.me/cibsecurity/31997...

8.8CVSS8.1AI score0.01318EPSS
Exploits1References1
Rows per page
Query Builder