
537 matches found

CNNVD
added 2025/03/20 12:0 a.m. · 3 views

SuperAGI path traversal vulnerability

SuperAGI is an open source infrastructure application from SuperAGI Open Source. It is used to build components, tools, frameworks and models to implement open source AGI. A path traversal vulnerability exists in SuperAGI version 0.0.14, which stems from path traversal in the file upload...

CVSS 8.8 · AI score 9.1 · EPSS 0.01332
Exploits 1 · References 1
CNNVD
added 2025/03/14 12:0 a.m. · 3 views

Open Panel OpenAdmin security vulnerability

Open Panel OpenAdmin is a free Laravel-based open administration panel from Open Panel, Inc. A security vulnerability exists in Open Panel OpenAdmin version 0.3.4, which stems from cross-site request forgery and could lead to elevation of privilege...

CVSS 5.5 · AI score 6.6 · EPSS 0.00164
Exploits 2 · References 4
NVD
added 2025/03/03 5:15 p.m. · 8 views

CVE-2024-53388

A DOM Clobbering vulnerability in mavo v0.3.2 allows attackers to execute arbitrary code via supplying a crafted HTML element...

CVSS 8.8 · EPSS 0.00571
Exploits 1 · References 1
CNNVD
added 2025/03/03 12:0 a.m. · 3 views

WordPress plugin Guten Free Options cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin ... A cross-site scripting...

CVSS 7.1 · AI score 5.9 · EPSS 0.00363
Exploits 0 · References 2
Positive Technologies
added 2025/02/24 12:0 a.m. · 4 views

PT-2025-7763 · Unknown · Nurelm Get Posts

Name of the Vulnerable Software and Affected Versions: nurelm Get Posts versions 0.6 and earlier
Description: The issue is related to improper neutralization of input during web page generation, which leads to a Cross-site Scripting (XSS) vulnerability. Specifically, it is a Stored XSS vulnerabilit...

CVSS 6.5 · AI score 8.3 · EPSS 0.00204
Exploits 0 · References 5
Patchstack
added 2025/02/21 12:0 a.m. · 3 views

WordPress List Urls Plugin <= 0.2 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability

CSRF to Reflected Cross Site Scripting (XSS) vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin List Urls versions <= 0.2...

CVSS 7.1 · AI score 6.1 · EPSS 0.00235
Exploits 0 · Affected Software 1
Positive Technologies
added 2025/02/16 12:0 a.m. · 5 views

PT-2025-6906

Name of the Vulnerable Software and Affected Versions: GNU elfutils version 0.192
Description: A problem has been found in GNU elfutils that affects the gelf_getsymshndx function of the file strip.c in the eu-strip component. This issue leads to denial of service and must be approached locally. T...

CVSS 7.8 · AI score 4.9 · EPSS 0.00614
Exploits 6 · References 45
OSV
added 2025/02/11 10:15 p.m. · 4 views

CVE-2024-57777

Directory Traversal vulnerability in Ianproxy v.0.1 and before allows a remote attacker to obtain sensitive information...

CVSS 5.1 · AI score 6.6
Exploits 0 · References 1
RedhatCVE
added 2025/02/05 6:25 a.m. · 17 views

CVE-2024-5827

Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web APIs. Attackers can inject malicious SQL training data and generate corresponding queries to write arbitrary files on the victim's file system, such as backdoor.php with contents . This can lead to...

CVSS 9.8 · AI score 8.1 · EPSS 0.03452
Exploits 0 · References 1
CNNVD
added 2025/02/04 12:0 a.m. · 1 views

WordPress plugin JustRows free security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 7.1 · AI score 7.6 · EPSS 0.0055
Exploits 1 · References 1
CNNVD
added 2025/02/04 12:0 a.m. · 5 views

WordPress plugin iBuildApp security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

CVSS 6.1 · AI score 7.7 · EPSS 0.00561
Exploits 1 · References 1
OSV
added 2025/02/03 8:15 p.m. · 1 views

CVE-2024-57098

Moss v0.1.3 version has an SQL injection vulnerability that allows attackers to inject carefully designed payloads into the order parameter...

CVSS 9.8 · AI score 8.1
Exploits 0 · References 1
Positive Technologies
added 2025/02/03 12:0 a.m. · 3 views

PT-2025-3401 · Moss · Moss

Name of the Vulnerable Software and Affected Versions: Moss version v0.1.3
Description: The issue is related to an SQL injection vulnerability that allows attackers to inject carefully designed payloads into the order parameter. This vulnerability can be exploited by injecting malicious input int...

CVSS 9.8 · AI score 7.8 · EPSS 0.00399
Exploits 1 · References 5
PyPA
added 2025/01/27 6:15 p.m. · 7 views

PYSEC-2025-58

vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py implements hf_model_weights_iterator to load the model checkpoint, which is downloaded from huggingface. It uses the torch.load function and the weights_only parameter defaults to False. When torch.load loads malicious...

CVSS 8.8 · AI score 7.8 · EPSS 0.00694
Exploits 0 · References 5 · Affected Software 1
CNNVD
added 2025/01/22 12:0 a.m. · 2 views

WordPress plugin Responsivity cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

CVSS 7.1 · AI score 7.7 · EPSS 0.00378
Exploits 0 · References 2
CNNVD
added 2025/01/22 12:0 a.m. · 3 views

NLnet Routinator security vulnerability

NLnet Routinator is an RPKI (Resource Public Key Infrastructure) validator from the NLnet team written in the Rust language. A security vulnerability exists in NLnet Routinator version 0.14.0 and earlier, which stems from code that initially parses a manifest without checking the contents of the...

CVSS 7.5 · AI score 6.6 · EPSS 0.00458
Exploits 0 · References 2
CNNVD
added 2025/01/22 12:0 a.m. · 2 views

WordPress plugin Flexible Blogtitle cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

CVSS 7.1 · AI score 7.8 · EPSS 0.00289
Exploits 0 · References 2
CNNVD
added 2025/01/16 12:0 a.m. · 2 views

WordPress plugin SOCIAL.NINJA cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site...

CVSS 6.5 · AI score 7.7 · EPSS 0.00357
Exploits 0 · References 2
CNNVD
added 2025/01/16 12:0 a.m. · 2 views

WordPress plugin Simple Vertical Timeline cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

CVSS 6.5 · AI score 7.8 · EPSS 0.00357
Exploits 0 · References 1
CNNVD
added 2025/01/16 12:0 a.m. · 2 views

WordPress plugin HTTP to HTTPS link changer by Eyga.net cross-site request forgery vulnerability

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin HTTP to HTTPS link changer by...

CVSS 7.1 · AI score 7.9 · EPSS 0.00169
Exploits 0 · References 1