Lucene search
K

10 matches found

CVE
CVE
added 2026/06/24 6:13 p.m.40 views

CVE-2026-53943

The CVE-2026-53943 entry describes a Ghost CMS vulnerability where, on sites behind a shared caching layer, an unauthenticated user can send an x-ghost-preview header that poisons cached responses, altering rendered frontend output. In affected configurations, this cached, request-specific previe...

9.6CVSS5.9AI score0.00244EPSS
Exploits0References1
NVD
NVD
added 2026/02/26 12:15 p.m.6 views

CVE-2026-1198

SIMPLE.ERP is vulnerable to the SQL Injection in search functionality in "Obroty na kontach" window. Lack of input validation allows an authenticated attacker to prepare a malicious query to the database that will be executed. This issue was fixed in [email protected]...

8.6CVSS0.00307EPSS
Exploits0References2
CVE
CVE
added 2026/02/26 11:27 a.m.18 views

CVE-2026-1198

SIMPLE.ERP is affected by a SQL Injection in the search feature in the "Obroty na kontach" window. The issue arises from insufficient input validation, allowing an authenticated attacker to craft a query that could be executed by the database. The CVE entry notes a high impact (CVSS v4.0 base sco...

8.6CVSS5.8AI score0.00307EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.7 views

PT-2026-22138

SIMPLE.ERP is vulnerable to the SQL Injection in search functionality in "Obroty na kontach" window. Lack of input validation allows an authenticated attacker to prepare a malicious query to the database that will be executed. This issue was fixed in [email protected] u06...

8.6CVSS5.8AI score0.00307EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/27 8:48 a.m.5 views

EUVD-2026-4762

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inftrees.C. This issue affects root: through 6.36.00-rc1...

9.3CVSS5.9AI score0.00287EPSS
Exploits0References1
NVD
NVD
added 2025/10/21 2:15 p.m.2 views

CVE-2025-9339

SQL injection vulnerability in the fields of warehouse document filtering form in SIMPLE.ERP software allows logged-in user a malicious query injection. Potential exploitation is limited by the 20-character limit in form fields. Identified use case allows to delete tables with a name of maximum 6...

7.1CVSS0.00256EPSS
Exploits0References2
OSV
OSV
added 2025/03/25 11:15 a.m.4 views

CVE-2025-2109

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.30.15 via the init function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations...

5.8CVSS7.4AI score0.0037EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/01/03 7:14 p.m.4 views

WordPress WP Compress plugin <= 6.30.03 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin WP Compress versions = 6.30.03...

6.1CVSS6.3AI score0.00356EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/12/17 12:0 a.m.4 views

Nordaaker Convos 跨站脚本漏洞

Nordaaker Convos is an open source web browser-based multi-user chat application from Nordaaker, Norway. A cross-site scripting vulnerability exists in Convos-Chat that stems from a stored cross-site scripting XSS issue in Convos-Chat prior to 6.32. An attacker could exploit the vulnerability to...

5.4CVSS5.6AI score0.0073EPSS
Exploits1References4
CNVD
CNVD
added 2020/02/19 12:0 a.m.3 views

mIRC Resource Management Error Vulnerability

mIRC is a Windows-based interconnected relay chat client program. A resource management error vulnerability exists in mIRC versions prior to 6.35. An attacker can exploit this vulnerability to cause a denial of service crash with a long alias...

7.5CVSS6.7AI score0.01348EPSS
Exploits0References1
Rows per page
Query Builder