Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.10 views

PT-2026-28325

Name of the Vulnerable Software and Affected Versions Spring AI versions 1.0.0 through 1.0.4 Spring AI versions 1.1.0 through 1.1.3 Description Spring AI’s spring-ai-bedrock-converse component has a Server-Side Request Forgery SSRF issue within the BedrockProxyChatModel. This occurs when handling...

8.6CVSS5.9AI score0.00353EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.7 views

PT-2025-44270

Name of the Vulnerable Software and Affected Versions Thumbnail Slider With Lightbox versions up to and including 1.0.4 Description The Thumbnail Slider With Lightbox plugin for WordPress is susceptible to SQL Injection through the id parameter. Insufficient escaping of user-supplied input and...

4.9CVSS6.6AI score0.0027EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/08/18 12:0 a.m.4 views

PT-2023-27306 · Unknown · Social Media Skeleton

Name of the Vulnerable Software and Affected Versions: Social media skeleton versions prior to 1.0.5 Description: Insufficient session expiration is a web application security vulnerability that occurs when a web application does not properly manage the lifecycle of a user's session. This issue...

9.8CVSS9.4AI score0.00434EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/02/21 12:0 a.m.3 views

PT-2023-16622 · Answerdev · Answer

Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.5 Description: The issue is related to Cross-site Scripting XSS - Stored, which affects the GitHub repository answerdev/answer. Cross-site Scripting XSS is a type of security vulnerability that occurs wh...

6.3CVSS6.2AI score0.00393EPSS
Exploits1References9
Snyk
Snyk
added 2021/02/23 6:5 p.m.4 views

Arbitrary Command Injection

Overview portprocesses is a This tool letes you list and kill processes on a specified port. Affected versions of this package are vulnerable to Arbitrary Command Injection. If attacker-controlled user input is given to the killProcess function, it is possible for an attacker to execute arbitrary...

8.8CVSS7.4AI score0.0182EPSS
Exploits1References2
Rows per page
Query Builder