Lucene search
K

8 matches found

NVD
NVD
added 2026/06/02 8:16 p.m.13 views

CVE-2026-34077

React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components RSC APIs, there is a potential client-side Cross-Site Scripting XSS vulnerability in the RSC redirect handling if redirects come from untrusted sources. This does not...

7.5CVSS0.00294EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/01/21 6:30 p.m.9 views

phpPgAdmin contains a remote command execution vulnerability

phpPgAdmin 7.13.0 contains a remote command execution vulnerability that allows authenticated attackers to execute arbitrary system commands through SQL query manipulation. Attackers can create a custom table, upload a malicious .txt file, and use the COPY FROM PROGRAM command to execute operatin...

6.3AI score0.00262EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.6 views

PT-2025-51405

Name of the Vulnerable Software and Affected Versions Avada versions through 7.13.1 Description A missing authorization flaw exists in ThemeFusion Avada. This issue allows access to functionality that is not properly restricted by Access Control Lists ACLs. Recommendations Update Avada to a versi...

6.5AI score0.00214EPSS
Exploits0References3
OSV
OSV
added 2025/11/20 3:30 p.m.3 views

GHSA-H369-CPJJ-QFFF phppgadmin vulnerable to Cross-site Scripting

phpPgAdmin versions 7.13.0 and earlier contain multiple cross-site scripting XSS vulnerabilities across various components. User-supplied inputs from $REQUEST parameters are reflected in HTML output without proper encoding or sanitization in multiple locations including sequences.php, indexes.php...

5.3CVSS6.3AI score0.00198EPSS
Exploits0References6
NVD
NVD
added 2025/11/10 10:15 p.m.7 views

CVE-2025-64484

OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load balancer setups. In versions prior to 7.13.0, all deployments of OAuth2 Proxy in front of applications that normalize underscores to dashe...

8.5CVSS0.00625EPSS
Exploits0References5
HackRead
HackRead
added 2025/08/09 2:46 p.m.30 views

WinRAR Zero-Day CVE-2025-8088 Exploited to Spread RomCom Malware

Critical WinRAR flaw CVE-2025-8088 exploited by Russia-linked hackers to spread RomCom malware, update to version 7.13 now to…...

8.4CVSS6.8AI score0.85778EPSS
Exploits35
CNNVD
CNNVD
added 2020/11/18 12:0 a.m.9 views

SuiteCRM 跨站脚本漏洞

SuiteCRM is a free open source customer relationship management application. A stored cross-site scripting vulnerability exists in the Document Preview feature of SuiteCRM 7.11.13. A remote authenticated attacker can exploit this vulnerability to inject arbitrary web script or HTML...

5.4CVSS6AI score0.00636EPSS
Exploits0References2
CNVD
CNVD
added 2016/07/18 12:0 a.m.7 views

Unspecified Vulnerability in Schneider Electric Pelco Digital Sentry Video Management System

Schneider Electric Pelco Digital Sentry Video Management System is a video recording system from Schneider Electric France. A security vulnerability exists in the Schneider Electric Pelco Digital Sentry Video Management System using firmware prior to version 7.13, which stems from the program's u...

10CVSS7.7AI score0.0579EPSS
Exploits0References1
Rows per page
Query Builder