Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 2025/01/27 12:0 a.m.3 views

PT-2025-4925 · Unknown · Rsvpmaker Volunteer Roles

Name of the Vulnerable Software and Affected Versions: RSVPMaker Volunteer Roles versions 1.5.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows reflected Cross-site Scripting XSS. This enables attackers to inject malicious...

7.1CVSS9.4AI score0.00271EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/10/02 12:0 a.m.2 views

PT-2023-7010 · Phpipam · Phpipam

Name of the Vulnerable Software and Affected Versions: phpipam versions prior to 1.5.2 Description: The issue allows attackers to enumerate arbitrary fields in the LDAP server and access sensitive data via a crafted POST request. This is possible due to a LDAP injection vulnerability via the dnam...

7.8CVSS7.5AI score0.0071EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2022/02/08 12:0 a.m.3 views

PT-2022-6562 · Gitea · Gitea

Name of the Vulnerable Software and Affected Versions: Gitea versions prior to 1.5.2 Description: The issue is related to a Cross Site Request Forgery CSRF vulnerability in the Gitea Git repository management system interface. This vulnerability can be exploited by a remote attacker to perform a...

9CVSS7.1AI score0.00577EPSS
Exploits0References17
CNNVD
CNNVD
added 2021/12/21 12:0 a.m.5 views

PrestaShop 跨站脚本漏洞

Prestashop is a set of open source e-commerce solutions from the United States Prestashop. The solution provides multiple payment methods, short message alerts and product image scaling. A security vulnerability exists in PrestaShop that stems from PrestaShop before 1.5.2 that allows XSS via the...

6.1CVSS6.2AI score0.00796EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/06/23 12:0 a.m.4 views

PT-2021-23591 · Unknown · Github.Com/Ecnepsnai/Web

Name of the Vulnerable Software and Affected Versions: github.com/ecnepsnai/web package versions prior to 1.5.2 Description: The issue arises when Web Sockets do not execute any AuthenticateMethod methods, potentially leading to a nil pointer dereference or authentication bypass. This problem...

9.8CVSS9.7AI score0.01116EPSS
Exploits1References11
CNNVD
CNNVD
added 2020/11/24 12:0 a.m.8 views

Apache Unomi 注入漏洞

Apache Unomi is a java open source client data platform that can be used on multiple systems to manage user profiles and the data associated with that profile, Unomi was announced as a top Apache project in 2019. Since Apache Unomi is built as an OSGi application running in Apache Karaf, it is...

9.8CVSS8.1AI score0.68398EPSS
Exploits9References10
Positive Technologies
Positive Technologies
added 2020/06/12 12:0 a.m.4 views

PT-2020-8502 · Adns +2 · Adns +2

Name of the Vulnerable Software and Affected Versions: adns versions prior to 1.5.2 Description: An issue was discovered in adns where it hangs and consumes CPU resources if a compression pointer loop is encountered. Recommendations: For versions prior to 1.5.2, update to version 1.5.2 or later t...

9.8CVSS8.2AI score0.03603EPSS
Exploits0References49
Positive Technologies
Positive Technologies
added 2016/12/29 12:0 a.m.9 views

PT-2023-16824 · Phpipam +1 · Phpipam +1

Name of the Vulnerable Software and Affected Versions: phpipam/phpipam versions prior to 1.5.2 Description: The issue is related to Cross-site Scripting XSS - Stored, which occurs when an application stores user input and later displays it without proper validation, allowing an attacker to inject...

9.8CVSS6.1AI score0.99714EPSS
Exploits84References76
Rows per page
Query Builder