Lucene search
K

8 matches found

CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Flowise 信息泄露漏洞

Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.1.2 contained a vulnerability related to information leakage. This vulnerability occurred due to the encryptedData field not being properly stripped during credenti...

7CVSS5.3AI score0.00271EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.8 views

Uploady 跨站脚本漏洞

Uploady is a modern secure file upload script developed by Faris AL-Otaibi, designed to support multiple file uploads. Versions of Uploady prior to 3.1.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper filename cleaning during the file upload process, whic...

5.4CVSS5.6AI score0.00241EPSS
Exploits1References3
OSV
OSV
added 2025/03/05 9:15 p.m.7 views

AZL-57878 CVE-2025-27516 affecting package python-jinja2 for versions less than 3.1.2-3

Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the...

8.8CVSS7.5AI score0.00465EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/02/26 12:0 a.m.3 views

TYPO3 跨站脚本漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the TYPO3 Association in Switzerland. A security vulnerability exists in TYPO3 versions prior to 3.1.2 and 4.x versions prior to 4.0.2, which stems from allowing XSS attacks via saved emails...

6.1CVSS6.1AI score0.00424EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:38 a.m.4 views

SUSE CVE-2021-38295

In Apache CouchDB, a malicious user with permission to create documents in a database is able to attach a HTML attachment to a document. If a CouchDB admin opens that attachment in a browser, e.g. via the CouchDB admin interface Fauxton, any JavaScript code embedded in that HTML attachment will b...

7.3CVSS5AI score0.02474EPSS
Exploits1References3
OSV
OSV
added 2022/06/10 11:3 a.m.6 views

OESA-2022-1700 ruby security update

Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text Files and perform system management tasks such as Perl. Security Fixes: There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and...

9.8CVSS6.8AI score0.04127EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/06/06 12:0 a.m.6 views

FUDForum 代码问题漏洞

FUDForum is a PHP-based open source forum software.FUDForum versions prior to 3.1.2 are vulnerable to remote code execution. An attacker can use this vulnerability to execute remote code with the help of the upload file function of the file management system in the administration control panel...

7.2CVSS6.3AI score0.22985EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2020/01/16 12:0 a.m.8 views

PT-2020-19376 · WordPress · Learndash Lms

Name of the Vulnerable Software and Affected Versions: LearnDash LMS plugin versions prior to 3.1.2 Description: The issue allows for XSS via the ld-profile search field. Recommendations: For versions prior to 3.1.2, update to version 3.1.2 or later to resolve the issue...

5.4CVSS5.4AI score0.03458EPSS
Exploits6References8
Rows per page
Query Builder