Lucene search
+L

77 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:26 a.m.5 views

CVE-2023-27525

An authenticated user with Gamma role authorization could have access to metadata information using non trivial methods in Apache Superset up to and including 2.0.1...

4.3CVSS6.5AI score0.00773EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/03 11:59 a.m.5 views

WordPress Wigi <= 2.0.1 - Arbitrary File Upload Vulnerability

Arbitrary File Upload Vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Theme Wigi versions = 2.0.1...

9.9CVSS7AI score0.00437EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/02/14 1:0 p.m.6 views

WordPress IE CSS3 Support Plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin IE CSS3 Support versions = 2.0.1...

7.1CVSS6.1AI score0.00294EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 5:46 a.m.5 views

CVE-2024-49672

Cross-Site Request Forgery CSRF vulnerability in giffordcheung Google Docs RSVP google-docs-rsvp-guestlist allows Stored XSS.This issue affects Google Docs RSVP: from n/a through = 2.0.1...

7.1CVSS5.9AI score0.00166EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/16 6:41 p.m.4 views

WordPress G Web Pro Store Locator plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin G Web Pro Store Locator versions = 2.0.1...

7.1CVSS6.1AI score0.00342EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2024/12/14 12:0 a.m.4 views

WordPress plugin My IDX Home Search 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability exist...

6.4CVSS7.7AI score0.00358EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/11/11 7:5 a.m.5 views

WordPress Devexhub Gallery plugin <= 2.0.1 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Devexhub Gallery versions = 2.0.1...

10CVSS7AI score0.00496EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/10/24 1:15 p.m.5 views

CVE-2024-10180

The Contact Form 7 – Repeatable Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's fieldgroup shortcode in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

5.4CVSS5.9AI score0.00304EPSS
Exploits0References3
OSV
OSV
added 2024/10/18 5:15 a.m.2 views

CVE-2024-9361

The Bulk images optimizer: Resize, optimize, convert to webp, rename … plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'saveconfiguration' function in all versions up to, and including, 2.0.1. This makes it possible for authenticate...

4.3CVSS5.8AI score0.00314EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/10/02 12:46 a.m.9 views

WordPress Demo Importer Plus plugin <= 2.0.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by Francesco Carlucci in WordPress Plugin Demo Importer Plus versions = 2.0.1...

6.4CVSS5.8AI score0.00303EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/09/11 12:0 a.m.5 views

Reedos aiM-Star 安全漏洞

Reedos aiM-Star is a software product from Reedos for mutual fund distribution. A security vulnerability exists in Reedos aiM-Star version 2.0.1, which stems from the lack of a restriction on excessive failed authentication attempts for API-based logins, which could lead to unauthorized access an...

9.8CVSS6.8AI score0.00564EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/07/09 6:21 a.m.6 views

WordPress Product Table by WBW plugin <= 2.0.1 - Unauthenticated Remote Code Execution vulnerability

Unauthenticated Remote Code Execution vulnerability discovered by Foxyyy in WordPress Plugin Product Table by WBW versions = 2.0.1...

9.8CVSS7.5AI score0.01211EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/05/28 12:0 a.m.6 views

ORing IAP-420 跨站脚本漏洞

The ORing Net IAP-420+ is a wireless access point from China Power ORing. A security vulnerability exists in ORing IAP-420 version 2.01e and prior versions, which stems from a lack of input validation and operating system command integration for input in the web interface, resulting in command...

8.8CVSS6.8AI score0.234EPSS
Exploits3References3
CNNVD
CNNVD
added 2024/01/12 12:0 a.m.6 views

Apollo Authorization Issues Vulnerabilities

Apollo is a set of PHP scripts by Alex Breen, an individual developer. It is intended to provide a web-based interface for students to upload course assignments. An authorization issue vulnerability exists in Apollo versions 2.0.0 and 2.0.1, which stems from the inclusion of unknown functions in...

4.3CVSS6.9AI score0.00463EPSS
Exploits1References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/11/10 9:35 a.m.3 views

Malicious code in flink-dashboard (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e9f73b295599c7e74ec00ae60260502674bcb6b7077f1845295691fee703495 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References1
CNNVD
CNNVD
added 2023/10/17 12:0 a.m.4 views

JTEKT ELECTRONICS OnSinView2 Buffer Error Vulnerability

JTEKT ELECTRONICS OnSinView2 is an application from JTEKT ELECTRONICS, Inc. A security vulnerability exists in JTEKT ELECTRONICS OnSinView2 version 2.0.1 and prior versions, which stems from an improperly restricted operation within a memory buffer. The vulnerability can be exploited by an attack...

7.8CVSS6.9AI score0.002EPSS
Exploits0References4
OSV
OSV
added 2023/08/08 10:15 a.m.7 views

CVE-2023-38679

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions V2201.0008, Tecnomatix Plant Simulation V2302 All versions V2302.0002. The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. Thi...

7.8CVSS7.4AI score0.00222EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/07/16 12:0 a.m.5 views

PT-2023-25719 · Livelyworks · Livelyworks Articart

Name of the Vulnerable Software and Affected Versions: LivelyWorks Articart version 2.0.1 Description: A vulnerability has been found in LivelyWorks Articart, affecting an unknown functionality of the file "/items/search". The manipulation of the search term argument leads to cross-site scripting...

5.4CVSS4.2AI score0.00357EPSS
Exploits0References5
PyPA
PyPA
added 2023/05/11 2:15 a.m.5 views

PYSEC-2023-70

A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter...

7.5CVSS6.9AI score0.00996EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2023/02/16 12:0 a.m.3 views

Intel CVAT 代码问题漏洞

CVAT is an interactive video and image annotation tool for computer vision. A security vulnerability exists in IntelR CVAT prior to version 2.0.1, which can be exploited by an attacker to disclose information via network access hidden enablement...

6.5CVSS6.4AI score0.00453EPSS
Exploits0References2
Rows per page
Query Builder