Lucene search
K

225 matches found

Positive Technologies
Positive Technologies
added 2025/01/09 12:0 a.m.5 views

PT-2025-4583 · Unknown · Yamna Khawaja Mailing Group Listserv

Name of the Vulnerable Software and Affected Versions: Yamna Khawaja Mailing Group Listserv versions n/a through 2.0.9 Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting. This allows for Reflected XSS...

7.1CVSS7.1AI score0.00303EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/09 12:0 a.m.4 views

PT-2025-4716 · Unknown · Robert Peake Responsive Flickr Slideshow

Name of the Vulnerable Software and Affected Versions: Robert Peake Responsive Flickr Slideshow versions n/a through 2.6.0 Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting, which allows Stored XSS. This means that...

6.5CVSS6.6AI score0.00206EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/01/09 12:0 a.m.9 views

PT-2025-2085 · Unknown · Opigno Group Manager

Name of the Vulnerable Software and Affected Versions: Opigno group manager versions 0.0.0 through 3.1.1 Description: The issue is related to the improper neutralization of directives in statically saved code, also known as 'static code injection', which allows for PHP Local File Inclusion in the...

5.5CVSS7.4AI score0.0025EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/01/07 12:0 a.m.4 views

PT-2025-4541 · Addfunc · Addfunc Mobile Detect

Name of the Vulnerable Software and Affected Versions: AddFunc Mobile Detect versions n/a through 3.1 Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting'. This allows for Stored XSS in AddFunc Mobile Detect...

6.5CVSS5.8AI score0.00324EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/07 12:0 a.m.6 views

PT-2025-4509 · Unknown · Hitesh Patel Metadata Seo

Name of the Vulnerable Software and Affected Versions: Hitesh Patel Metadata SEO versions n/a through 2.3 Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows Stored XSS. This means that an attacker ca...

6.5CVSS7.2AI score0.00334EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/07 12:0 a.m.10 views

PT-2025-1804 · WordPress · Infility Global

Name of the Vulnerable Software and Affected Versions: Infility Global plugin for WordPress versions up to, and including, 2.9.8 Description: The issue is related to Reflected Cross-Site Scripting via the set type parameter due to insufficient input sanitization and output escaping. This allows...

6.1CVSS6.8AI score0.00354EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/01/02 12:0 a.m.10 views

PT-2025-3218 · Themelooks · Themelooks Enter Addons

Name of the Vulnerable Software and Affected Versions: ThemeLooks Enter Addons versions n/a through 2.1.9 Description: The issue is related to improper neutralization of input during web page generation, which allows stored cross-site scripting XSS. This means an attacker can inject malicious...

6.5CVSS8.8AI score0.00329EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/01/02 12:0 a.m.6 views

PT-2025-1505 · Unknown · Freesoul Deactivate Plugins

Name of the Vulnerable Software and Affected Versions: Freesoul Deactivate Plugins – Plugin manager and cleanup versions 2.1.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Thi...

4.3CVSS9.4AI score0.00411EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/02 12:0 a.m.12 views

PT-2025-3231 · Unknown · Interactive Uk Map

Name of the Vulnerable Software and Affected Versions: Interactive UK Map versions n/a through 3.4.8 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker can inject malicious...

7.1CVSS8.8AI score0.00254EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.7 views

PT-2025-32391 · Gnu +1 · Gnu Cflow +1

Name of the Vulnerable Software and Affected Versions: GNU cflow versions up to 1.8 Description: A problematic issue exists in GNU cflow due to a null pointer dereference in the yylex function within the c.c file of the Lexer component. This issue can be exploited locally. The exploit has been...

4.8CVSS4.3AI score0.00133EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2024/12/27 12:0 a.m.12 views

PT-2024-17132 · WordPress · Wp-Publications

Name of the Vulnerable Software and Affected Versions: wp-publications WordPress plugin versions 1.2 and earlier Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks even when the unfiltered html capability is disallowed, for example i...

4.8CVSS5.9AI score0.0118EPSS
Exploits3References9
Positive Technologies
Positive Technologies
added 2024/12/19 12:0 a.m.6 views

PT-2024-27868 · Agency · Dominion Fusion

Name of the Vulnerable Software and Affected Versions: Agency Dominion Fusion versions n/a through 1.6.1 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker can inject...

6.5CVSS6.3AI score0.00224EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/12/16 12:0 a.m.3 views

PT-2024-36648 · 搜狐畅言 · 搜狐畅言

Name of the Vulnerable Software and Affected Versions: 搜狐畅言 畅言评论系统 versions n/a through 2.0.5 Description: The issue is related to a missing authorization vulnerability that allows the exploitation of incorrectly configured access control security levels. Recommendations: For versions n/a through...

4.3CVSS7.2AI score0.00459EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/12/12 12:0 a.m.8 views

PT-2024-16726 · WordPress · Ninja Forms

Name of the Vulnerable Software and Affected Versions: Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress versions up to, and including, 3.8.19 Description: The issue is related to Stored Cross-Site Scripting via the calculations parameter due to insufficient input...

7.2CVSS6.5AI score0.00312EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/12/05 12:0 a.m.2 views

PT-2024-16910 · WordPress · Accounting For Woocommerce

Name of the Vulnerable Software and Affected Versions: Accounting for WooCommerce plugin for WordPress versions up to, and including, 1.6.6 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg without appropriate escaping on the URL. This allows...

6.1CVSS6.8AI score0.00344EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/12/04 12:0 a.m.4 views

PT-2024-9438 · I O Data Device · Ud-Lt1/Ex +1

Name of the Vulnerable Software and Affected Versions: I-O Data Device UD-LT1 versions 2.1.9 and earlier I-O Data Device UD-LT1/EX versions 2.1.9 and earlier Description: The issue allows a remote authenticated attacker with an administrative account to execute arbitrary OS commands. This is due ...

9CVSS7.9AI score0.00904EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2024/11/30 12:0 a.m.8 views

PT-2024-35886 · WordPress · Sparkle Wp Sparkle Elementor Kit

Name of the Vulnerable Software and Affected Versions: Sparkle WP Sparkle Elementor Kit versions through 2.0.9 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This is a Cross-site...

6.5CVSS6.7AI score0.00283EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/11/22 12:0 a.m.5 views

PT-2024-35502 · Adobe · Substance3D - Stager

Name of the Vulnerable Software and Affected Versions: Substance3D - Stager versions 3.0.2 and earlier Description: The issue is an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR...

5.5CVSS6.4AI score0.00267EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/11/18 12:0 a.m.6 views

PT-2024-35275 · W3 Eden · W3 Eden

Name of the Vulnerable Software and Affected Versions: W3 Eden, Inc. Premium Packages versions n/a through 5.9.3 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

7.6CVSS9.9AI score0.00452EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/11/09 12:0 a.m.4 views

PT-2024-34913 · Unknown · Elementsready Addons For Elementor

Name of the Vulnerable Software and Affected Versions: ElementsReady Addons for Elementor versions n/a through 6.4.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...

6.5CVSS5.8AI score0.00233EPSS
Exploits0References4
Rows per page
Query Builder