Lucene search
K

15 matches found

Vulnrichment
Vulnrichment
added 2026/03/26 8:3 p.m.1 views

CVE-2026-3528 Calculation Fields - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-023

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Calculation Fields allows Cross-Site Scripting XSS.This issue affects Calculation Fields: from 0.0.0 before 1.0.4...

5.9AI score0.00243EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/07 5:32 p.m.7 views

CVE-2025-62034

Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a through 1.0.4...

8.8CVSS7AI score0.00323EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/06 6:32 p.m.7 views

EUVD-2025-38087

Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a through 1.0.4...

6.5AI score0.00323EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.4 views

PT-2025-45300

Name of the Vulnerable Software and Affected Versions uxper Togo versions prior to 1.0.4 Description A missing authorization issue exists in uxper Togo. Recommendations Update to version 1.0.4 or later...

6.5CVSS6.6AI score0.00275EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.6 views

PT-2025-45301

Name of the Vulnerable Software and Affected Versions uxper Togo versions prior to 1.0.4 Description An incorrect privilege assignment issue exists in uxper Togo togo. The issue involves improper access control, potentially allowing unauthorized actions. Recommendations Update uxper Togo to versi...

8.8CVSS6.6AI score0.00323EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.4 views

WordPress plugin Togo 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

6.5CVSS6.5AI score0.00303EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/16 12:0 a.m.4 views

Claude Code 操作系统命令注入漏洞

Claude Code is an open source proxy coding tool from Anthropic. An operating system command injection vulnerability exists in versions of Claude Code prior to 1.0.4, which stems from an overly broad list of allowed security commands that could lead to unacknowledged file reads and network transfe...

7.5CVSS7.7AI score0.00431EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.4 views

Drupal Config Pages Viewer 安全漏洞

Drupal Config Pages Viewer is a configuration viewer for the Drupal community. A security vulnerability exists in Drupal Config Pages Viewer versions prior to 1.0.4, which stems from a lack of authentication for critical functions and could lead to improper access control...

5.3CVSS6.8AI score0.00265EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/02/08 12:0 a.m.8 views

PT-2023-16494 · Answerdev · Answer

Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.4 Description: The issue is related to Cross-site Scripting XSS - DOM, which allows an attacker to execute malicious scripts in the context of a user's session. This can lead to unauthorized actions on...

9CVSS7.5AI score0.00871EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2023/01/24 12:0 a.m.6 views

PT-2023-1380 · Answer · Answer

Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.4 Description: The issue is related to improper access control in the password reset procedure of the answer knowledge sharing service. This can allow a remote attacker to gain unauthorized access to...

10CVSS9.7AI score0.06368EPSS
Exploits4References15
Positive Technologies
Positive Technologies
added 2022/12/15 12:0 a.m.5 views

PT-2022-10232 · Unknown · Inikulin Replicator

Name of the Vulnerable Software and Affected Versions: inikulin replicator versions prior to 1.0.4 Description: A deserialization issue in the inikulin replicator allows remote attackers to run arbitrary code via the fromSerializable function in the TypedArray object. Recommendations: For version...

9.8CVSS7.9AI score0.01607EPSS
Exploits1References10
CNNVD
CNNVD
added 2022/09/24 12:0 a.m.3 views

MyGraph 跨站脚本漏洞

MyGraph is renlm individual developers an integrated permissions management system, unified user authentication center, real-time dynamic gateway agent and online document management and many other powerful features in one of the backend system development template. A security vulnerability exist...

5.4CVSS5.5AI score0.00592EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2021/01/31 12:0 a.m.4 views

PT-2021-15438 · Unknown · Nested-Object-Assign

Name of the Vulnerable Software and Affected Versions: nested-object-assign versions prior to 1.0.4 Description: The issue concerns Prototype Pollution via the default function. Recommendations: For versions prior to 1.0.4, update to version 1.0.4 or later to resolve the issue...

7.5CVSS7.5AI score0.0152EPSS
Exploits1References9
CNVD
CNVD
added 2020/06/03 12:0 a.m.5 views

websocket-extensions denial of service vulnerability

websocket-extensions is an open source WebSocket generic extension manager . A security vulnerability exists in websocket-extensions npm versions prior to 1.0.4. An attacker can exploit this vulnerability to cause a denial of service with the Sec-WebSocket-Extensions header...

7.5CVSS8AI score0.03012EPSS
Exploits1References1
CNVD
CNVD
added 2017/07/11 12:0 a.m.4 views

Irssi Denial of Service Vulnerability (CNVD-2017-22565)

Irssi is a free, open source IRC client for use in Linux and Unix operating systems. A security vulnerability exists in versions of Irssi prior to 1.0.4. An attacker can exploit this vulnerability to cause a denial of service null pointer backreference...

9.8CVSS8.9AI score0.03443EPSS
Exploits0References1
Rows per page
Query Builder