CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3 matches found

Patchstack•added 2024/11/01 9:29 p.m.•5 views

WordPress BookingPress plugin <= 1.1.16 - Authenticated (Subscriber+) SQL Injection vulnerability

Authenticated Subscriber+ SQL Injection vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin BookingPress versions = 1.1.16...

6.5CVSS8.1AI score0.0032EPSS

Exploits0References1Affected Software1

OSV•added 2022/02/24 7:15 p.m.•1 views

CVE-2022-0710

The Header Footer Code Manager plugin = 1.1.16 for WordPress is vulnerable to Reflected Cross-Site Scripting XSS via the $REQUEST'page' parameter...

6.1CVSS5.8AI score

Exploits0References1

Positive Technologies•added 2021/08/12 12:0 a.m.•3 views

PT-2021-10761 · Npm · Express-Cart

Name of the Vulnerable Software and Affected Versions: Express cart versions 1.1.10 and earlier Express cart version 1.1.16 Description: A Cross Site Request Forgery CSRF issue allows attackers to add an administrator account, add a discount code, or have other unspecified impacts. This issue...

8.8CVSS8.8AI score0.00141EPSS

Exploits0References9

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by