Lucene search
K

11 matches found

EUVD
EUVD
added 2026/06/17 6:35 p.m.12 views

EUVD-2026-37647

Unauthenticated Arbitrary File Download in WP Media folder Addon = 4.0.1 versions...

7.5CVSS5.2AI score0.00467EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/22 3:39 a.m.48 views

CVE-2026-7509 KIA Subtitle <= 4.0.1 - [Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')]

The KIA Subtitle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's the-subtitle shortcode before and after attributes in all versions up to, and including, 4.0.1. This is due to insufficient input sanitization and output escaping on user supplied attributes. This...

6.4CVSS0.00249EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.4 views

Selea CarPlateServer 访问控制错误漏洞

Selea CarPlateServer is a car plate recognition software from Selea, Italy. An access control error vulnerability exists in Selea CarPlateServer version 4.0.1.6, which originates from the ability to bypass authentication by manipulating the NOLISTEXEPATH configuration parameter, which could lead ...

9.3CVSS7AI score0.0043EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 4:11 a.m.8 views

CVE-2023-39650

Theme Volty CMS Blog up to version v4.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /tvcmsblog/single...

9.8CVSS8.3AI score0.03631EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2025/03/20 12:32 p.m.12 views

Flask-CORS vulnerable to Improper Handling of Case Sensitivity

corydolphin/flask-cors version 5.0.1 contains a vulnerability where the request path matching is case-insensitive due to the use of the trymatch function, which is originally intended for matching hosts. This results in a mismatch because paths in URLs are case-sensitive, but the regex matching...

7.5CVSS5.1AI score0.00642EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2025/01/29 12:31 a.m.12 views

Apache Hive Incorrectly Assigns Permissions for a Critical Resource

Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. Any unauthorized user having access to the directory can read the sensitive information written into this file. Users are recommended to...

5.5CVSS5.2AI score0.00274EPSS
Exploits0References7Affected Software1
CNNVD
CNNVD
added 2024/07/30 12:0 a.m.8 views

IBM Aspera Orchestrator 安全漏洞

IBM Aspera Orchestrator is a Web-based application from International Business Machines IBM, Inc. It can provide data-driven organizations with an efficient document processing pipeline. An HTTP header injection vulnerability exists in IBM Aspera Orchestrator version 4.0.1, which can be exploited...

5.4CVSS6.9AI score0.00264EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/07 12:0 a.m.6 views

PT-2023-21919

Name of the Vulnerable Software and Affected Versions Apache Airflow Spark Provider versions prior to 4.0.1 Description The issue is related to improper input validation in the Apache Airflow Spark Provider. This allows the host and schema of JDBC Hook to contain / and ?, which can be used to...

7.5CVSS7AI score0.02152EPSS
Exploits0References13
OSV
OSV
added 2022/09/09 3:15 p.m.4 views

CVE-2022-36356

Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in Liam Gladdy / Thirty8 Digital Culture Object plugin = 4.0.1 at WordPress...

4.8CVSS5.8AI score0.00437EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/07/04 12:0 a.m.4 views

PT-2019-13238 · Xpdf · Xpdf

Name of the Vulnerable Software and Affected Versions: Xpdf version 4.01.01 Description: The issue is a heap-based buffer over-read in the JBIG2Stream::readTextRegionSeg function, which can be triggered by sending a crafted PDF document to the pdftoppm tool. This might allow an attacker to cause...

5.5CVSS5.8AI score0.0114EPSS
Exploits1References9
Packet Storm
Packet Storm
added 2008/04/10 12:0 a.m.35 views

phaos-disclose.txt

Remote File Disclosure Vulnerability in showSource.php phaos4.0.1 MY HOmE : WWW.PAL-HACkEr.COM WWW.ATSDP.COM AUTHOR : HaCkeREgY My HoMe : www.PaL-HaCker.com & www.ATSDP.com ConTacT : [email protected] ----------------------------------------------- script: phaos4.0.1...

7.4AI score
Exploits0
Rows per page
Query Builder