Lucene search

10 matches found

RedhatCVE
added 2026/05/27 8:13 p.m. | 12 views

CVE-2026-44668

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, AccessControlInterceptor, the authentication gate for all Struts2 actions, unconditionally calls invocation.invoke without checking for a valid session. Four action methods in BoilerPlateConfig perform no local...

9.8 CVSS | 5.8 AI score | 0.00364 EPSS
Exploits: 0 | References: 1
CNNVD
added 2026/05/26 12:0 a.m. | 9 views

Faction security vulnerability

Faction is an open-source report generation and evaluation framework developed by Faction Security. Versions of Faction prior to 1.8.3 contained security vulnerabilities. These vulnerabilities stemmed from the lack of output encoding for attachment file names during the evaluation file preview...

8.7 CVSS | 5.7 AI score | 0.00211 EPSS
Exploits: 0 | References: 2
NVD
added 2026/03/23 9:17 p.m. | 3 views

CVE-2026-23483

Blinko is an AI-powered card note-taking project. In versions from 1.8.3 and prior, the plugin file server endpoint uses join to concatenate paths but does not verify if the final path is within the plugins directory, leading to path traversal. At time of publication, there are no publicly...

6.9 CVSS | 0.00771 EPSS
Exploits: 0 | References: 1
OSV
added 2022/12/19 2:15 p.m. | 3 views

CVE-2022-4058

The Photo Gallery by 10Web WordPress plugin before 1.8.3 does not validate and escape some parameters before outputting them back in JS code later on in another page, which could lead to a Stored XSS issue when an attacker makes a logged-in admin open a malicious URL or page under their control...

5.4 CVSS | 5.9 AI score | 0.00244 EPSS
Exploits: 2 | References: 1
PyPA
added 2022/09/21 12:15 p.m. | 5 views

PYSEC-2022-283

Improper Privilege Management in GitHub repository octoprint/octoprint prior to 1.8.3...

8.8 CVSS | 6.7 AI score | 0.00437 EPSS
Exploits: 1 | References: 3 | Affected Software: 1
CNNVD
added 2022/09/21 12:0 a.m. | 4 views

OctoPrint security vulnerability

OctoPrint is an application that provides a fast web interface for controlling consumer 3D printers. A security vulnerability exists in versions prior to OctoPrint 1.8.3 that stems from incorrect privilege management...

8.8 CVSS | 6.3 AI score | 0.00437 EPSS
Exploits: 1 | References: 3
VulnCheck KEV
added 2021/03/15 12:0 a.m. | 4 views

VulnCheck KEV: CVE-2021-24186

The tutoransweringquizquestion/getanswerbyid function pair from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students...

6.5 CVSS | 6.7 AI score | 0.01253 EPSS
Exploits: 2 | References: 1
OSV
added 2017/09/25 5:29 p.m. | 3 views

DEBIAN-CVE-2015-6748

Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3...

6.1 CVSS | 6.2 AI score | 0.02207 EPSS
Exploits: 0 | References: 1
OSV
added 2016/06/25 9:59 p.m. | 5 views

CVE-2016-4827

Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4826...

6.1 CVSS | 5.9 AI score | 0.01491 EPSS
Exploits: 0 | References: 3
OSV
added 2016/06/25 9:59 p.m. | 5 views

CVE-2016-4826

Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4827...

6.1 CVSS | 5.9 AI score | 0.01491 EPSS
Exploits: 0 | References: 3