Lucene search
K

9 matches found

Cvelist
Cvelist
added 2026/06/17 12:47 p.m.26 views

CVE-2025-69140 WordPress SweetDate Core plugin < 1.1.5 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in SweetDate Core 1.1.5 versions...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
added 2025/11/06 8:15 p.m.8 views

CVE-2025-34245

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxStandaloneVpnClientsController.ajaxAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

6.5CVSS0.00284EPSS
Exploits0References3
OSV
OSV
added 2025/11/06 8:15 p.m.4 views

CVE-2025-34242

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxNetworkController.ajaxAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

6.5CVSS5.8AI score0.00284EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.5 views

PT-2025-45361

Name of the Vulnerable Software and Affected Versions Advantech WebAccess/VPN versions prior to 1.1.5 Description The software contains a SQL injection issue in the AjaxFwRulesController.ajaxDeviceFwRulesAction function. An authenticated, low-privileged user can inject SQL code through datatable...

5.3CVSS7.8AI score0.00284EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.5 views

Advantech WebAccess/VPN 安全漏洞

Advantech WebAccess/VPN is a virtual private network feature integrated in Advantech WebAccess/SCADA software, designed to provide a secure and reliable network connectivity solution for industrial automation and remote monitoring systems. Advantech WebAccess/VPN suffers from a cross-site scripti...

6.3CVSS6.1AI score0.00197EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/30 12:31 a.m.5 views

EUVD-2025-36881

Drupal Acquia DAM allows Forceful Browsing...

7.5CVSS6.4AI score0.0028EPSS
Exploits0References2
OSV
OSV
added 2025/10/30 12:31 a.m.4 views

GHSA-X957-32V9-M7VG Drupal Acquia DAM allows Forceful Browsing

Missing Authorization vulnerability in Drupal Acquia DAM allows Forceful Browsing. This issue affects Acquia DAM: from 0.0.0 before 1.1.5...

7.5CVSS7AI score0.0028EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/30 12:0 a.m.6 views

Drupal Acquia DAM 安全漏洞

Drupal Acquia DAM is a data synchronization plugin for the Drupal community. A security vulnerability exists in Drupal Acquia DAM versions prior to 1.1.5, which stems from a lack of authorization and could lead to a forced browsing attack...

7.5CVSS6.5AI score0.0028EPSS
Exploits0References1
OSV
OSV
added 2017/04/13 2:59 p.m.4 views

UBUNTU-CVE-2016-4068

Cross-site scripting XSS vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2015-8864...

6.1CVSS7AI score0.02481EPSS
Exploits0References4
Rows per page
Query Builder