Lucene search
+L

8 matches found

redhatcve
redhatcve
added 2025/04/25 5:21 p.m.13 views

CVE-2025-32389

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Prior to version 2.1.4, NamelessMC is vulnerable to SQL injection by providing an unexpected square bracket GET parameter syntax. Square bracket GET parameter syntax refers to the structure ?param0=a1=b2=c utiliz...

8.6CVSS7.9AI score0.00437EPSS
Exploits1References1
cvelist
cvelist
added 2025/04/18 3:51 p.m.15 views

CVE-2025-30357 NamelessMC Forum Topic Deletion Triggered by Unrelated User Deletion

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, if a malicious user is leaving spam comments on many topics then an administrator, unable to manually remove each spam comment, may delete the malicious account. Once an administrator...

7.3CVSS0.00406EPSS
Exploits1References3
cnnvd
cnnvd
added 2025/03/21 12:0 a.m.8 views

SMF(Simple Machines Forum) 跨站脚本漏洞

SMF Simple Machines Forum is a free, open source community forum project by Simple Machines Open Source. A cross-site scripting vulnerability exists in SMF Simple Machines Forum version 2.1.4, which stems from improper manipulation of the Notice parameter in the ManageAttachments.php file, and...

5.4CVSS4.2AI score0.00355EPSS
Exploits1References6
ptsecurity
ptsecurity
added 2025/03/14 12:0 a.m.13 views

PT-2025-11254

Name of the Vulnerable Software and Affected Versions: Civi - Job Board & Freelance Marketplace WordPress Theme plugin versions up to, and including, 2.1.4 Description: The issue is due to a lack of user validation before changing a password, making it possible for unauthenticated attackers to...

9.8CVSS6AI score0.00409EPSS
Exploits0References13
attackerkb
attackerkb
added 2023/06/09 6:15 a.m.5 views

CVE-2023-1169

The OoohBoi Steroids for Elementor plugin for WordPress is vulnerable to missing authorization due to a missing capability check on the 'fileuploadercallback' function in versions up to, and including, 2.1.4. This makes it possible for subscriber-level attackers to upload image attachments to the...

4.3CVSS6.6AI score0.00573EPSS
Exploits0References4
cnnvd
cnnvd
added 2023/06/01 12:0 a.m.9 views

PrestaShop 路径遍历漏洞

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution offers multiple payment methods, short message alerts and product image scaling. A security vulnerability exists in PrestaShop tshirtecommerce 2.1.4 and earlier versions, which stems from the...

7.5CVSS7.4AI score0.03573EPSS
Exploits1References2
osv
osv
added 2020/11/22 7:22 p.m.5 views

OPENSUSE-SU-2020:1997-1 Security update for blueman

This update for blueman fixes the following issues: - Update to version 2.1.4 CVE-2020-15238: Fixed a local denial-of-service in the D-Bus interface boo1178196...

7.1CVSS6.8AI score0.04539EPSS
Exploits4References3
cnvd
cnvd
added 2017/08/03 12:0 a.m.6 views

OpenExif 'ExifJpegHUFFTable::deriveTable' function denial of service vulnerability

OpenExif is an object-oriented library for accessing image files in Exif format. A security vulnerability exists in the 'ExifJpegHUFFTable::deriveTable' function of the ExifHuffmanTable.cpp file in OpenExif version 2.1.4. A remote attacker can exploit this vulnerability to cause a denial of servi...

5.5CVSS7.2AI score0.00982EPSS
Exploits1References1
Rows per page
Query Builder