Lucene search
K

19 matches found

RedhatCVE
RedhatCVE
added 2026/02/27 4:13 a.m.8 views

CVE-2026-27613

TinyWeb is a web server HTTP, HTTPS written in Delphi for Win32. A vulnerability in versions prior to 2.01 allows unauthenticated remote attackers to bypass the web server's CGI parameter security controls. Depending on the server configuration and the specific CGI executable in use, the impact i...

10CVSS6.3AI score0.00748EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/24 12:0 a.m.7 views

WordPress plugin WP-ClanWars has a SQL injection vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.9CVSS5.9AI score0.00371EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/11/20 6:5 p.m.9 views

CVE-2025-64524 CUPS rastertopclx Filter Vulnerable to Heap Buffer Overflow Leading to Potential Arbitrary Code Execution

cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. In versions 2.0.1 and prior, a heap-buffer-overflow vulnerability in the rastertopclx filter causes the program to crash with a segmentation fault...

3.3CVSS0.00181EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/11/10 12:0 a.m.5 views

PT-2025-46241

Name of the Vulnerable Software and Affected Versions Double the Donation – A workplace giving tool to help your fundraising efforts plugin for WordPress versions prior to 2.0.1 Description The Double the Donation plugin for WordPress is susceptible to Stored Cross-Site Scripting through admin...

4.9CVSS5.2AI score0.00188EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-28694

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00198EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/09/16 12:0 a.m.3 views

node-ip 代码问题漏洞

node-ip is a node.js module by indutny individual developer. A code issue vulnerability exists in node-ip version 2.0.1 and earlier, which stems from IP address 017700000001 being misclassified as globally routable, which could lead to server-side request forgery...

3.2CVSS6.6AI score0.00115EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 8:18 a.m.2 views

CVE-2024-10946

A vulnerability classified as critical has been found in Guangzhou Tuchuang Computer Software Development Interlib Library Cluster Automation Management System up to 2.0.1. This affects an unknown part of the file /interlib/admin/SysLib?cmdACT=inputLIBCODE=batchXSL=editLIBCODE.xsl==. The...

7.2CVSS7.1AI score0.00537EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:2 a.m.7 views

CVE-2023-45829

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in HappyBox Newsletter & Bulk Email Sender – Email Newsletter Plugin for WordPress plugin = 2.0.1 versions...

6.5CVSS5.6AI score0.004EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/05/10 12:0 a.m.8 views

CVE-2025-47815

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from zipmemberreadall in zip-reader.c...

9.8CVSS5.5AI score0.00258EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2025/03/03 1:30 p.m.3 views

CVE-2025-23587 WordPress all-in-one-box-login plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound all-in-one-box-login allows Reflected XSS. This issue affects all-in-one-box-login: from n/a through 2.0.1...

7.1CVSS7.1AI score0.00342EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/11 12:0 a.m.3 views

Reedos aiM-Star 安全漏洞

Reedos aiM-Star is a software product from Reedos for mutual fund distribution. A security vulnerability exists in Reedos aiM-Star version 2.0.1 that originates from the transmission of sensitive information in plain text in certain API endpoints, resulting in the exposure of sensitive informatio...

8.7CVSS6.4AI score0.00436EPSS
Exploits0References2
PyPA
PyPA
added 2023/09/21 3:15 p.m.7 views

PYSEC-2023-178

plone.rest allows users to use HTTP verbs such as GET, POST, PUT, DELETE, etc. in Plone. Starting in the 2.x branch and prior to versions 2.0.1 and 3.0.1, when the ++api++ traverser is accidentally used multiple times in a url, handling it takes increasingly longer, making the server less...

7.5CVSS6.7AI score0.00822EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2021/12/02 10:15 p.m.3 views

CVE-2020-36130

AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component av1/av1dxiface.c...

6.5CVSS9.2AI score
Exploits0References4
CNVD
CNVD
added 2021/06/09 12:0 a.m.7 views

AppCMS Arbitrary File Deletion Vulnerability (CNVD-2021-40850)

AppCMS is a content management system CMS for mobile application downloads. A security vulnerability exists in AppCMS version 2.0.101, which can be exploited by an attacker to delete arbitrary files on the site...

6.5CVSS6.9AI score0.01075EPSS
Exploits1References1
OSV
OSV
added 2020/11/19 4:15 p.m.3 views

CVE-2020-11831

OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected product is com.oppo.ovoicemanager V2.0.1...

9.8CVSS7.4AI score0.01371EPSS
Exploits0References1
OSV
OSV
added 2020/03/18 10:15 p.m.3 views

CVE-2020-10674

PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open...

9.8CVSS6AI score0.01281EPSS
Exploits0References2
CNVD
CNVD
added 2018/08/14 12:0 a.m.3 views

PHP Scripts Mall Chartered Accountant:Auditor Website Cross-Site Request Forgery Vulnerability

PHP Scripts Mall Chartered Accountant:Auditor Website is a financial auditing website system script by PHP Scripts Mall India. The system includes features such as profile management, feedback management, order management and document upload management. A cross-site request forgery vulnerability...

8.8CVSS9AI score0.00512EPSS
Exploits1References1
CNVD
CNVD
added 2017/11/02 12:0 a.m.5 views

Circle with Disney Remote Code Execution Vulnerability (CNVD-2017-33180)

Circle with Disney is a set of network monitoring and management devices for monitoring children's online behavior from Circle Media, Inc. in the United States. A remote code execution vulnerability exists in the database update feature in Circle with Disney version 2.0.1. The vulnerability can b...

9.3CVSS9.2AI score0.02448EPSS
Exploits2References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/02/26 6:21 a.m.3 views

Denny's App for Android. contains an issue where it fails to verify SSL server certificates

Overview Denny's App for Android. contains an issue where it fails to verify SSL server certificates. kurisu and matt reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-minddle attack may allow an...

5.8CVSS6.5AI score0.00587EPSS
Exploits1References5
Rows per page
Query Builder