Lucene search
K

60 matches found

CNNVD
CNNVD
added 2024/02/27 12:0 a.m.4 views

WordPress plugin WP JobSearch security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

7.5CVSS7AI score0.00602EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/01/16 12:0 a.m.6 views

WordPress plugin My Account Page Editor security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A security vulnerability in the WordPress plugin My...

8.8CVSS7.9AI score0.00816EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/12/26 12:0 a.m.5 views

WordPress plugin rtMedia security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

8.8CVSS6.7AI score0.00816EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/12/04 12:0 a.m.6 views

WordPress plugin Welcart e-Commerce security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

8.8CVSS6.7AI score0.00479EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/09/28 12:0 a.m.3 views

CMS Made Simple Cross-Site Scripting Vulnerability

CMS Made Simple CMSMS is an open source content management system CMS by Cmsms team. The system supports role-based rights management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A cross-site scripting vulnerability exists in CMS Made Simple...

5.4CVSS6.3AI score0.00546EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/09/28 12:0 a.m.5 views

WBCE CMS Cross-Site Scripting Vulnerability

WBCE CMS is an open source content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in WBCE CMS version v.1.6.1, which stems from not validating uploaded files...

5.4CVSS6.3AI score0.00417EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/08/14 12:0 a.m.5 views

PT-2023-7523 · Aleos · Aleos

Name of the Vulnerable Software and Affected Versions: ALEOS versions 4.16 and earlier Description: The issue is related to the ACEManager component of the ALEOS operating system, which does not validate uploaded file names and types. This could potentially allow an authenticated user to perform...

7.5CVSS5.8AI score0.00482EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/04/24 12:0 a.m.5 views

Nokia NetAct 跨站脚本漏洞

Nokia NetAct is a network management system from the Finnish company Nokia. A security vulnerability exists in Nokia NetAct versions prior to 22 SP1037, which stems from the configuration tool's upload option not validating file contents. An attacker could exploit the vulnerability to perform...

6.8CVSS5.4AI score0.00371EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/01/30 12:0 a.m.7 views

WordPress plugin Membership For WooCommerce 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in the...

9.8CVSS8.8AI score0.17569EPSS
Exploits2References3
CNNVD
CNNVD
added 2022/07/25 12:0 a.m.4 views

WordPress plugin Request a Quote 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

8.8CVSS7.6AI score0.01184EPSS
Exploits2References2
CNNVD
CNNVD
added 2022/07/07 12:0 a.m.5 views

WordPress plugin nextgen-galery 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

8.8CVSS8AI score0.01927EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/06/13 12:0 a.m.4 views

Church Management System SQL注入漏洞

Church Management System is a church management system. version 1.0 of Church Management System is vulnerable to a file upload vulnerability that results from a lack of validation of uploaded files by the application. An attacker could exploit this vulnerability to upload malicious files to...

9.8CVSS6.1AI score0.01214EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/05/17 12:0 a.m.5 views

IBM Sterling B2B Integrator 代码问题漏洞

IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with different partner communities.A denial of service vulnerability exists in IBM Sterling B2B...

6.5CVSS6.5AI score0.00895EPSS
Exploits0References3
OSV
OSV
added 2022/04/28 3:15 p.m.4 views

CVE-2021-43934

Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate upload requests, enabling a malicious user to potentially upload arbitrary files...

9.8CVSS7.4AI score
Exploits0References1
CNNVD
CNNVD
added 2022/03/14 12:0 a.m.4 views

Zenario CMS 代码问题漏洞

Zenario CMS is an open source application from Zenario. A file upload vulnerability exists in Zenario CMS version 9.0.54156, which stems from the application's lack of validation of uploaded files. An attacker could exploit the vulnerability to upload malicious files to remotely execute arbitrary...

7.2CVSS6AI score0.02484EPSS
Exploits5References5
CNNVD
CNNVD
added 2022/01/12 12:0 a.m.3 views

Printable Staff Id Card Creator System 代码问题漏洞

Printable Staff Id Card Creator System is a small project by Patrick Mvuma personal developer. It is intended to be used by administrators of a company or organization to enroll new employees and create their ID cards and print them. Printable Staff ID Card Creator System has a code issue...

9.8CVSS8.4AI score0.03865EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/08/20 12:0 a.m.4 views

Baserow 代码问题漏洞

Baserow is an open source no-code database and Airtable replacement. A security vulnerability exists in Baserow versions prior to 1.1.0, which stems from the URL file upload feature of the software not validating and escaping parameters. This allowed a remote authenticated user to retrieve networ...

7.7CVSS6.6AI score0.01288EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/08/12 12:0 a.m.5 views

AikCms 代码问题漏洞

AikCms AikCms is a content management system CMS based on PHP and MySQL. A security vulnerability exists in AikCms version v2.0.0, which originates from uploaded files not validated in the background file management...

7.2CVSS7.1AI score0.00976EPSS
Exploits1References1
OSV
OSV
added 2019/06/20 5:15 p.m.4 views

CVE-2019-12744

SeedDMS before 5.1.11 allows Remote Command Execution RCE because of unvalidated file upload of PHP scripts, a different vulnerability than CVE-2018-12940...

7.5CVSS7AI score0.11696EPSS
Exploits9References4
Gentoo Linux
Gentoo Linux
added 2005/01/10 12:0 a.m.23 views

TikiWiki: Arbitrary command execution

Background TikiWiki is a web-based groupware and content management system CMS, using PHP, ADOdb and Smarty. Description TikiWiki lacks a check on uploaded images in the Wiki edit page. Impact A malicious user could run arbitrary commands on the server by uploading and calling a PHP script...

7.5CVSS2.3AI score0.01807EPSS
Exploits0
Rows per page
Query Builder