Lucene search
K

9 matches found

CNNVD
CNNVD
added 2025/09/19 12:0 a.m.13 views

Cloudflare Workers SDK 信息泄露漏洞

Cloudflare Workers SDK is an open source developer toolkit for Cloudflare. An information disclosure vulnerability exists in Cloudflare Workers SDK versions prior to 1.6.0, which stems from a default configuration where the local development server exposes all files, potentially leading to the...

6.3CVSS5.6AI score0.00358EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/06/11 3:30 p.m.10 views

Drupal Lightgallery Cross-site Scripting vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Lightgallery allows Cross-Site Scripting XSS. This issue affects Lightgallery: from 0.0.0 before 1.6.0...

7.1CVSS6.5AI score0.00278EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/06/11 2:37 p.m.16 views

CVE-2025-48447 Lightgallery - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-069

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Lightgallery allows Cross-Site Scripting XSS.This issue affects Lightgallery: from 0.0.0 before 1.6.0...

0.00278EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/11 12:0 a.m.4 views

Drupal Lightgallery 跨站脚本漏洞

Drupal Lightgallery is a plugin for the Drupal community. A cross-site scripting vulnerability exists in Drupal Lightgallery versions prior to 1.6.0 that stems from improper input neutralization and could lead to a cross-site scripting attack...

7.1CVSS5.8AI score0.00278EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/08/23 6:54 a.m.5 views

WordPress WP Table Builder plugin < 1.6.0 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin WP Table Builder versions 1.6.0...

4.8CVSS6.1AI score0.00294EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2024/08/20 12:0 a.m.4 views

Hertzbeat 安全漏洞

Hertzbeat is an open source real-time monitoring system. A SQL injection vulnerability exists in Hertzbeat versions prior to 1.6.0 that stems from the application's lack of validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL commands ...

9.8CVSS8.1AI score0.0108EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/07/15 12:0 a.m.3 views

Apache Linkis 代码问题漏洞

Apache Linkis is a middleware product of the U.S. Apache Apache Foundation, which can establish an effective connection between upper-tier applications and the underlying data engine. Apache Linkis 1.6.0 before the version of the code problem vulnerability , the vulnerability stems from the lack ...

8.8CVSS7.4AI score0.00845EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/06/10 12:0 a.m.5 views

Jenkins 跨站脚本漏洞

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plug-ins to support building, deploying and automating any project . A cross-site scripting vulnerability exists in Jenkins Kiuwan Plugin, which stems from a cross-site scripting XSS...

6.1CVSS5.3AI score0.01216EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/12/16 12:11 p.m.6 views

shiro: specially crafted HTTP request may cause an authentication bypass

A flaw was found in Apache Shiro in versions prior to 1.6.0. A specially crafted HTTP request may cause an authentication bypass. The highest threat from this vulnerability is to data confidentiality...

7.5CVSS5.7AI score0.48019EPSS
Exploits3References4
Rows per page
Query Builder