Lucene search
K

13 matches found

EUVD
EUVD
added 2026/05/07 5:8 a.m.27 views

EUVD-2026-28312

YesWiki is a wiki system written in PHP. Prior to version 4.6.1, YesWiki bazar module contains a SQL injection vulnerability in tools/bazar/services/EntryManager.php at line 704. The $data'idfiche' value sourced from $POST'idfiche' is concatenated directly into a raw SQL query without any...

8.8CVSS5.8AI score0.00342EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/27 12:0 a.m.8 views

PT-2025-48234

The Customer Reviews Collector for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email-text' parameter in all versions up to, and including, 4.6.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

6.1CVSS5.6AI score0.00175EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-28026

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00221EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/13 12:0 a.m.4 views

WordPress plugin Tournamatch security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS6.1AI score0.00312EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/01/30 12:0 a.m.6 views

Pixel & tonic Craft CMS Injection Vulnerability

Pixel & tonic Craft CMS is a content management system CMS from Pixel & tonic Inc. in the United States. An injection vulnerability exists in Craft CMS version 4.6.1, which stems from the system's use of an unselected volume of the asset element type to save feeds, and can be exploited by a remot...

7.5CVSS7.1AI score0.01073EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/07/10 12:0 a.m.5 views

WordPress plugin AI ChatBot 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

4.8CVSS4.9AI score0.00614EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2023/03/29 12:0 a.m.7 views

PT-2023-17166 · Xunruicms · Xunruicms

Name of the Vulnerable Software and Affected Versions: Xunrui CMS version 4.61 Description: A vulnerability was found in Xunrui CMS, affecting some unknown functionality of the file /dayrui/Fcms/View/system log.html. This issue leads to information disclosure and can be exploited remotely...

7.5CVSS4.8AI score0.00497EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:26 a.m.6 views

SUSE CVE-2018-13347

mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002...

5.3CVSS9.3AI score0.02643EPSS
Exploits0References8
PyPA
PyPA
added 2021/06/08 6:15 p.m.10 views

PYSEC-2021-104

Zope is an open-source web application server. This advisory extends the previous advisory at https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36 with additional cases of TAL expression traversal vulnerabilities. Most Python modules are not available for using in TAL...

8.8CVSS6.9AI score0.01574EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2020/11/19 12:0 a.m.4 views

Cisco IoT Field Network Director Cross-Site Scripting Vulnerability

Cisco IoT Field Network Director FND is a network management system for large-scale FAN deployments. A cross-site scripting vulnerability exists in the web UI of Cisco IoT Field Network Director versions prior to 4.6.1. The vulnerability stems from insufficient validation of user-supplied input...

6.1CVSS6.5AI score0.00791EPSS
Exploits0References1
CNNVD
CNNVD
added 2020/11/18 12:0 a.m.5 views

Cisco IoT Field Network Director 路径遍历漏洞

Cisco IoT Field Network Director FND is a network management system for large-scale FAN deployments. A file overwrite vulnerability exists in Cisco IoT Field Network Director versions prior to 4.6.1. The vulnerability stems from inadequate file system protection. An attacker can exploit the...

6.5CVSS6AI score0.01434EPSS
Exploits0References3
OSV
OSV
added 2019/10/23 9:15 p.m.4 views

CVE-2019-8236

Creative Cloud Desktop Application version 4.6.1 and earlier versions have Security Bypass vulnerability. Successful exploitation could lead to Privilege Escalation in the context of the current user...

9.8CVSS5.8AI score0.03358EPSS
Exploits0References1
OSV
OSV
added 2019/08/16 5:15 p.m.4 views

CVE-2019-7957

Creative Cloud Desktop Application versions 4.6.1 and earlier have a security bypass vulnerability. Successful exploitation could lead to denial of service...

7.5CVSS5.8AI score0.03668EPSS
Exploits0References1
Rows per page
Query Builder