Lucene search
K

18 matches found

EUVD
EUVD
added 2026/04/08 9:31 a.m.6 views

EUVD-2026-20152

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...

5.9AI score0.00201EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/08 8:30 a.m.7 views

CVE-2026-39484

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...

5.9AI score0.00201EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/03/18 10:12 a.m.4 views

WordPress Hide My WP Ghost plugin < 7.0.00 - Open Redirection vulnerability

Open Redirection vulnerability discovered by Or Benit in WordPress Plugin Hide My WP Ghost versions 7.0.00...

5.9AI score0.00201EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/02/17 12:0 a.m.16 views

CVE-2025-32355

CVE-2025-32355 affects Rocket TRUfusion Enterprise up to version 7.10.4.0, where the built-in reverse proxy can be misconfigured to accept absolute URLs in the HTTP request line. This enables server-side requests to load arbitrary resources via the proxy, constituting a server-side request forger...

7.9CVSS5.5AI score0.01249EPSS
In wildExploits1References3Affected Software1
CBLMariner
CBLMariner
added 2026/01/21 4:2 p.m.5 views

CVE-2025-12748 affecting package libvirt for versions less than 7.10.0-11

CVE-2025-12748 affecting package libvirt for versions less than 7.10.0-11. A patched version of the package is available...

5.5CVSS5.5AI score0.00185EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.4 views

PT-2025-49920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Get Bowtied Shopkeeper Extender shopkeeper-extender allows Stored XSS.This issue affects Shopkeeper Extender: from n/a through 7.0...

6.5CVSS6AI score0.00156EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/03/19 8:1 a.m.4 views

WordPress Site Reviews plugin < 7.2.5 - Unauthenticated Stored XSS vulnerability

Unauthenticated Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Site Reviews versions 7.2.5...

8.8CVSS7.3AI score0.01856EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/10/23 12:0 a.m.5 views

Drupal Loft Data Grids module < 7.x-2.7,< 7.x-3.0 - Unauthenticated Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS vulnerability discovered by Juraj Nemec in WordPress Module Loft Data Grids versions 7.x-2.7,7.x-3.0...

7.1CVSS6.1AI score0.00466EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/09/30 7:36 a.m.4 views

WordPress The Post Grid plugin < 7.5.0 - Editor+ Stored XSS via Grid Creation vulnerability

Editor+ Stored XSS via Grid Creation vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin The Post Grid versions 7.5.0...

4.8CVSS6AI score0.00286EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2023/12/18 4:15 p.m.12 views

AZL-35030 CVE-2023-48795 affecting package nmap for versions less than 7.93-2

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...

5.9CVSS6.9AI score0.9378EPSS
Exploits4References1
Positive Technologies
Positive Technologies
added 2023/08/08 12:0 a.m.5 views

PT-2023-24476 · Foswiki · Foswiki +1

Name of the Vulnerable Software and Affected Versions: Foswiki versions 2.1.7 and below Description: An issue in the SpreadSheetPlugin component of Foswiki allows attackers to execute a directory traversal. Recommendations: For versions 2.1.7 and below, update to a version above 2.1.7 to resolve...

7.5CVSS7.6AI score0.00938EPSS
Exploits1References6
OSV
OSV
added 2023/05/15 10:15 p.m.6 views

AZL-26736 CVE-2023-2700 affecting package libvirt for versions less than 7.10.0-5

A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's gautoptr cleanup...

5.5CVSS6.7AI score0.00298EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 3:46 a.m.3 views

SUSE CVE-2021-21706

In PHP versions 7.3.x below 7.3.31, 7.4.x below 7.4.24 and 8.0.x below 8.0.11, in Microsoft Windows environment, ZipArchive::extractTo may be tricked into writing a file outside target directory when extracting a ZIP file, thus potentially causing files to be created or overwritten, subject to OS...

6.5CVSS9.3AI score0.01337EPSS
Exploits0References5
OSV
OSV
added 2022/09/23 2:15 p.m.5 views

AZL-11046 CVE-2022-35252 affecting package curl for versions less than 7.86.0-1

When curl is used to retrieve and parse cookies from a HTTPS server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings...

3.7CVSS6.8AI score0.01839EPSS
Exploits1References1
OSV
OSV
added 2021/12/15 3:15 p.m.7 views

AZL-7049 CVE-2021-43896 affecting package powershell for versions less than 7.2.1-1

Microsoft PowerShell Spoofing Vulnerability...

5.5CVSS6.7AI score0.0232EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/07/28 12:0 a.m.9 views

PT-2020-6128 · Php +2 · Php +2

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB version 9.0 Enterprise Edition Description: The issue is related to insufficient input validation in the Chadha PHPKB software. This allows a remote unauthenticated attacker to disclose local files on hosts running PHP versions...

7.8CVSS7.2AI score0.26459EPSS
Exploits2References17
OSV
OSV
added 2019/12/17 11:15 p.m.0 views

CVE-2019-11657

Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack...

8.8CVSS7.3AI score
Exploits0References1
OSV
OSV
added 2017/04/24 7:59 p.m.5 views

AZL-6625 CVE-2017-3613 affecting package libdb for versions less than 5.3.28-7

Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks...

7CVSS7AI score0.00419EPSS
Exploits0References1
Rows per page
Query Builder