Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-27716

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.00146EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/01 8:15 p.m.9 views

CVE-2025-24289

A Cross-Site Request Forgery CSRF leading to Cross-Site Scripting XSS vulnerability in the UCRM Client Signup Plugin v1.3.4 and earlier could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. The plugin is disabled by default...

7.5CVSS6.5AI score0.00146EPSS
Exploits0References1
NVD
NVD
added 2025/06/29 8:15 p.m.8 views

CVE-2025-24289

A Cross-Site Request Forgery CSRF leading to Cross-Site Scripting XSS vulnerability in the UCRM Client Signup Plugin v1.3.4 and earlier could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. The plugin is disabled by default...

7.5CVSS0.00146EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/29 7:25 p.m.9 views

CVE-2025-24289

A Cross-Site Request Forgery CSRF leading to Cross-Site Scripting XSS vulnerability in the UCRM Client Signup Plugin v1.3.4 and earlier could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. The plugin is disabled by default...

7.5CVSS0.00146EPSS
Exploits0References1
CVE
CVE
added 2025/06/29 7:25 p.m.18 views

CVE-2025-24289

The CVE-2025-24289 entry concerns the UCRM Client Signup Plugin (versions 1.3.4 and earlier). The documented vulnerability is a CSRF that can lead to XSS and privilege escalation when an Administrator visits a crafted malicious page. The plugin is disabled by default. Affected component: UCRM Cli...

7.5CVSS7AI score0.00146EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/29 7:25 p.m.3 views

CVE-2025-24289

A Cross-Site Request Forgery CSRF leading to Cross-Site Scripting XSS vulnerability in the UCRM Client Signup Plugin v1.3.4 and earlier could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. The plugin is disabled by default...

7.5CVSS6.4AI score0.00146EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/29 12:0 a.m.5 views

PT-2025-27378 · Unknown · Ucrm Client Signup Plugin

Name of the Vulnerable Software and Affected Versions: UCRM Client Signup Plugin versions 1.3.4 and earlier Description: A Cross-Site Request Forgery CSRF leading to Cross-Site Scripting XSS issue could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious...

7.5CVSS6.8AI score0.00146EPSS
Exploits0References5
Rows per page
Query Builder