Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.12 views

PT-2026-45672

A vulnerability has been found in 1Panel-dev CordysCRM up to 1.6.2. This affects an unknown function of the file backend/framework/src/main/java/cn/cordys/config/RequestParamTrimConfig.java. The manipulation leads to cross site scripting. Remote exploitation of the attack is possible. The exploit...

4.8CVSS4.1AI score0.00251EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/03/21 12:0 a.m.7 views

WordPress plugin myLinksDump SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

7.2CVSS5.9AI score0.00354EPSS
Exploits0References5
Patchstack
Patchstack
added 2025/10/21 11:22 a.m.6 views

WordPress Bard theme <= 1.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Bard versions = 1.6...

5.4CVSS7AI score0.0011EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/09/05 12:0 a.m.5 views

WordPress plugin Woocommerce Notify Updated Product Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

6.5CVSS5.6AI score0.00158EPSS
Exploits0References1
OSV
OSV
added 2024/04/18 9:15 a.m.2 views

CVE-2024-32598

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Booking Algorithms BA Book Everything allows Stored XSS.This issue affects BA Book Everything: from n/a through 1.6.8...

5.4CVSS5.8AI score0.00325EPSS
Exploits0References1
OSV
OSV
added 2024/02/05 7:15 a.m.3 views

CVE-2024-24839

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gordon Böhme, Antonio Leutsch Structured Content JSON-LD wpsc allows Stored XSS.This issue affects Structured Content JSON-LD wpsc: from n/a through 1.6.1...

5.4CVSS7.3AI score0.00317EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:7 a.m.3 views

SUSE CVE-2008-3326

Cross-site scripting XSS vulnerability in blog/edit.php in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 allows remote attackers to inject arbitrary web script or HTML via the etitle parameter blog entry title...

2.6CVSS6.1AI score0.02389EPSS
Exploits1References4
Rows per page
Query Builder