Lucene search
K

14 matches found

Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.8 views

PT-2026-1596

Name of the Vulnerable Software and Affected Versions Stylish Order Form Builder plugin for WordPress versions prior to 1.1 Description The Stylish Order Form Builder plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to inadequate input sanitization and output escapi...

6.4CVSS6AI score0.00243EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.12 views

PT-2025-46287

Name of the Vulnerable Software and Affected Versions Coon Google Maps plugin for WordPress versions prior to 1.1 Description The Coon Google Maps plugin for WordPress is susceptible to Stored Cross-Site Scripting through the height parameter within the 'map' shortcode. This occurs because of...

6.4CVSS5.3AI score0.00193EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/10/22 2:32 p.m.3 views

CVE-2025-49945 WordPress Shortcode Generator plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kylegetson Shortcode Generator shortcode-generator allows Reflected XSS.This issue affects Shortcode Generator: from n/a through = 1.1...

7.1CVSS6AI score0.00283EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/01 12:0 a.m.4 views

ArslanSoft Education Portal Security Breach

ArslanSoft Education Portal is an education portal from ArslanSoft, Inc. A security vulnerability exists in ArslanSoft Education Portal versions prior to v1.1 that stems from a security flaw in the Outbound Error Messages and Alert Signals features...

7.5CVSS6.7AI score0.00595EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/10/06 12:0 a.m.7 views

Turna Advertising Administration Panel SQL Injection Vulnerability

Turna Advertising Administration Panel is an advertising administration panel from Turna. Turna Advertising Administration Panel versions prior to 1.1 are vulnerable to a SQL injection vulnerability that stems from the presence of a SQL injection vulnerability...

9.8CVSS7.9AI score0.00519EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/03/06 12:0 a.m.6 views

PT-2023-12670 · Saysis Computer · Starcities

Name of the Vulnerable Software and Affected Versions: Starcities versions prior to 1.1 Description: The issue affects Saysis Computer Starcities, allowing Cross-Site Scripting XSS due to improper neutralization of input during web page generation. This enables an attacker to inject malicious...

6.1CVSS6.2AI score0.00372EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/03/01 12:0 a.m.4 views

Uzay Baskul Weighbridge Automation Software SQL注入漏洞

Uzay Baskul Weighbridge Automation Software is an industrial control automation software from Uzay Baskul. A security vulnerability exists in Uzay Baskul Weighbridge Automation Software versions prior to 1.1, which stems from improper neutralization of a special element, resulting in SQL injectio...

9.8CVSS8.6AI score0.00664EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/12/28 12:0 a.m.3 views

json2html 跨站脚本漏洞

json2html is an open source javascript library from the individual developer Chad Brown . A cross-site scripting vulnerability exists in versions of Json2html prior to 1.1.x. An attacker can exploit this vulnerability to perform cross-site scripting attacks. Attackers can exploit this vulnerabili...

6.1CVSS5.1AI score0.0053EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/06/30 12:0 a.m.8 views

Ping Identity PingID Mac Login 授权问题漏洞

Ping Identity PingID Mac Login is an authentication application from Ping Identity USA. A security vulnerability exists in Ping Identity PingID Mac Login versions prior to 1.1, which stems from an RSA misconfiguration that is susceptible to a pre-computed dictionary attack, leading to an offline...

7.7CVSS7.3AI score0.00724EPSS
Exploits0References3
OSV
OSV
added 2021/11/16 4:15 p.m.4 views

CVE-2021-43362

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in MedData HBYS allows SQL Injection.This issue affects HBYS: from unspecified before 1.1...

9.8CVSS7.4AI score0.0058EPSS
Exploits0References1
CNNVD
CNNVD
added 2020/11/26 12:0 a.m.8 views

Cloudera Data Engineering 跨站请求伪造漏洞

Cloudera Data Engineering is a service-less architecture cloud service from Cloudera, Inc. that supports the creation of Apache Spark tasks on a cloud platform. A cross-site request forgery vulnerability exists in Cloudera Data Engineering versions prior to 1.1, which stems from vulnerability to...

8.8CVSS7.2AI score0.00449EPSS
Exploits0References3
CNVD
CNVD
added 2017/11/01 12:0 a.m.3 views

WordPress PopCash.Net Code Integration Tool plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL servers to set up a personal blog site . PopCash.Net Code Integration Tool plugin is used in one of the code integration tool . A cross-site scripting...

6.1CVSS6.5AI score0.01353EPSS
Exploits1References1
CNVD
CNVD
added 2015/09/23 12:0 a.m.3 views

Newphoria Koritore app has full vulnerability

Newphoria Koritore for Android and iOS is a set of Android and iOS based platforms from Newphoria Japan. A security vulnerability exists in versions of the Newphoria Koritore app for Android and iOS based platforms prior to version 1.1. An attacker can exploit the vulnerability to bypass the URL...

6.8CVSS6.7AI score0.01093EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2006/09/13 12:0 a.m.7 views

PT-2006-5528 · Phprog · Phprog

Name of the Vulnerable Software and Affected Versions: PHProg versions prior to 1.1 Description: The issue allows remote attackers to read arbitrary files via a .. dot dot in the lang parameter of the index.php file. This is a directory traversal vulnerability. Recommendations: For versions prior...

5CVSS6.7AI score0.03464EPSS
Exploits1References8
Rows per page
Query Builder