Lucene search
K

12 matches found

Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.11 views

PT-2026-6246

Name of the Vulnerable Software and Affected Versions WP Bannerize Pro versions through 1.11.0 Description The software contains a missing authorization issue due to incorrectly configured access control security levels. This allows for potential exploitation. Recommendations Update WP Bannerize...

5.3CVSS5.4AI score0.00187EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/25 12:0 a.m.5 views

PT-2025-39461

Name of the Vulnerable Software and Affected Versions JeecgBoot versions up to 3.8.2 Description A flaw exists in JeecgBoot that allows for improper authorization. This is due to the manipulation of the ids argument within an unknown function of the /sys/tenant/deleteBatch file. The attack can be...

5.3CVSS3.5AI score0.00358EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.3 views

PT-2025-14092 · WordPress · Wp Realestate

Name of the Vulnerable Software and Affected Versions: WP RealEstate plugin versions up to, and including, 1.6.26 Description: The issue is related to insufficient role restrictions in the process register function, allowing unauthenticated attackers to register an account with the Administrator...

9.8CVSS9.4AI score0.00426EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/01/18 12:0 a.m.3 views

PT-2025-2170 · WordPress · Webcamconsult

Name of the Vulnerable Software and Affected Versions: Webcamconsult plugin for WordPress versions up to, and including, 1.5.0 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on a function. This allows unauthenticated attackers to updat...

6.1CVSS9.3AI score0.00178EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/11/15 12:0 a.m.7 views

PT-2024-39590 · Yotpo · Yotpo: Product & Photo Reviews For Woocommerce

Name of the Vulnerable Software and Affected Versions: Yotpo: Product & Photo Reviews for WooCommerce plugin for WordPress versions up to, and including, 1.7.8 Description: The issue is related to Reflected Cross-Site Scripting due to insufficient input sanitization and output escaping. This allo...

6.1CVSS8.6AI score0.00443EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/03/04 12:0 a.m.4 views

PT-2024-19077 · Unknown · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 3.2.4 Description: The issue allows a local attacker to cause a sensitive information leak through insecure storage. A local attacker can exploit this to gain access to sensitive information. Recommendations: For...

5.5CVSS6.7AI score0.00197EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/01/20 12:0 a.m.6 views

PT-2024-15192 · WordPress · Wpforms Pro

Name of the Vulnerable Software and Affected Versions: WPForms Pro versions up to, and including, 1.8.5.3 Description: The WPForms Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form submission parameters due to insufficient input sanitization and output escaping. This...

7.2CVSS6.2AI score0.0053EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2023/06/07 12:0 a.m.5 views

PT-2023-15935 · WordPress · Adsanity

Name of the Vulnerable Software and Affected Versions: AdSanity plugin for WordPress versions up to, and including, 1.8.1 Description: The issue is related to missing file type validation in the ajax upload function, allowing authenticated attackers with Contributor+ level privileges to upload...

8.8CVSS8.7AI score0.02196EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2022/06/14 12:0 a.m.1 views

PT-2022-3000 · Adobe · Illustrator

Name of the Vulnerable Software and Affected Versions: Adobe Illustrator versions 26.0.2 and earlier and 25.4.5 and earlier Description: The issue is related to an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of...

7.8CVSS7.6AI score0.00402EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2019/07/16 12:0 a.m.2 views

PT-2019-16503 · Oracle +6 · Mysql Server +5

Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.16 and prior Description: The issue allows a high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks can result in the unauthorized ability to cause a hang o...

9.8CVSS6.3AI score0.49739EPSS
Exploits2References617
Positive Technologies
Positive Technologies
added 2018/03/13 12:0 a.m.2 views

PT-2018-16625 · Adobe +2 · Flash Player +2

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions 28.0.0.161 and earlier Description: The issue is a type confusion vulnerability that could lead to arbitrary code execution in the context of the current user. It allows attackers to execute code remotely...

10CVSS8.6AI score0.89618EPSS
Exploits47References140
OpenVAS
OpenVAS
added 2009/03/10 12:0 a.m.21 views

Golabi CMS RFI Vulnerability (Mar 2009) - Active Check

Golabi CMS is prone to a remote file include RFI vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.3AI score
Exploits0References1
Rows per page
Query Builder