CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-50346

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00183EPSS

Exploits0References1

CNNVD•added 2024/03/25 12:0 a.m.•1 views

Axonaut 安全漏洞

Axonaut is a compliant, comprehensive and fully managed software from Axonaut. A security vulnerability exists in Axonaut v.3.1.23 and prior versions, which originated from a vulnerability that allows remote attackers to obtain sensitive information via the log.txt component...

7.5CVSS6.5AI score0.0006EPSS

Exploits0References3

Positive Technologies•added 2023/12/20 12:0 a.m.•3 views

PT-2023-22731 · Unknown · Themefic Ultimate Addons For Contact Form 7

Name of the Vulnerable Software and Affected Versions: Themefic Ultimate Addons for Contact Form 7 versions 3.1.23 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential...

8.5CVSS8.5AI score0.00131EPSS

Exploits0References6

OSV•added 2023/06/19 12:15 p.m.•3 views

CVE-2022-47586

Unauth. SQL Injection SQLi vulnerability in Themefic Ultimate Addons for Contact Form 7 plugin = 3.1.23 versions...

9.8CVSS5.8AI score

Exploits0References1

Positive Technologies•added 2023/06/09 12:0 a.m.•4 views

PT-2023-17120 · WordPress · Ultimate Addons For Contact Form 7

Name of the Vulnerable Software and Affected Versions: The Ultimate Addons for Contact Form 7 plugin for WordPress versions up to and including 3.1.23 Description: The issue allows authenticated attackers of any authorization level to perform SQL Injection via the id parameter. This enables them ...

8.8CVSS7.3AI score0.00716EPSS

Exploits0References6

VulnCheck KEV•added 2023/06/07 12:0 a.m.•2 views

VulnCheck KEV: CVE-2021-4358

The WP DSGVO Tools GDPR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an unknown parameter in versions up to, and including, 3.1.23 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

7.2CVSS6.4AI score0.01896EPSS

Exploits1References1

OSV•added 2022/03/07 9:15 a.m.•2 views

CVE-2021-24810

The WP Event Manager WordPress plugin before 3.1.23 does not escape some of its Field Editor settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.8AI score

Exploits0References1

CNNVD•added 2021/11/05 12:0 a.m.•4 views

WordPress 访问控制错误漏洞

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress DSGVO Tools in version 3.1.23 and earlier has an access control error vulnerability that stems fr...

9.1CVSS5.7AI score0.20073EPSS

Exploits1References3

OpenVAS•added 2019/07/19 12:0 a.m.•37 views

Squid Security Update Advisory (SQUID-2018:4)

Squid is prone to a cross-site scripting vulnerability to incorrect input handling when generating HTTPS response messages about TLS errors. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

6.1CVSS6.2AI score0.10782EPSS

Exploits1References1