Lucene search
K

31 matches found

CVE
CVE
added 2026/06/15 8:19 p.m.17 views

CVE-2026-49068

The CVE concerns the WordPress Coupon Affiliates plugin (versions

7.5CVSS5.2AI score0.00386EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.12 views

PT-2026-49421

Contributor Arbitrary File Deletion in Link Library = 7.8.8 versions...

7.7CVSS5.2AI score0.00327EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/14 5:30 a.m.6 views

CVE-2026-3829 WP Encryption - One Click SSL & Force HTTPS <= 7.8.5.10 - Missing Authorization to Authenticated (Subscriber+) SSL Setup Tampering

The WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect, Security & SSL Scan plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'wplebasicgetrequests' function in all versions up to, and including, 7.8.5.10. This makes...

5.4CVSS5.8AI score0.00202EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2026/04/23 12:0 a.m.100 views

📄 SocialEngine 7.8.0 Server-Side Request Forgery

SocialEngine versions 7.8.0 and below suffer from a blind server-side request forgery vulnerability. User input passed through the uri request parameter to the /core/link/preview endpoint is not properly sanitized before being used as URL to send an HTTP request from the web server...

8.5CVSS5.8AI score0.00302EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.6 views

CVE-2026-32142

Shopware is an open commerce platform. /api/info/config route exposes information about licenses. This vulnerability is fixed in 7.8.1 and 6.10.15...

5.3CVSS5.8AI score0.00197EPSS
Exploits0References1
NCSC
NCSC
added 2026/03/12 7:46 a.m.10 views

Vulnerabilities fixed in Fortinet FortiWeb

Fortinet has fixed vulnerabilities in FortiWeb Versions 7.0 to 8.0.1. The vulnerabilities include an ability for remote unauthenticated attackers to bypass hostname restrictions, an OS command injection vulnerability within the FortiWeb API, and the ability to bypass authentication rate-limits...

8.1CVSS6.2AI score0.01667EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.8 views

PT-2025-44237

Name of the Vulnerable Software and Affected Versions WooCommerce versions prior to 7.8.3 Description The WooCommerce plugin for WordPress exhibits a sensitive information exposure issue due to improper CORS Cross-Origin Resource Sharing handling on the Store API’s REST endpoints. This allows...

5.3CVSS6.4AI score0.00303EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/09/26 8:31 a.m.2 views

CVE-2025-60156 WordPress AR For WordPress plugin <= 8.34 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in webandprint AR For WordPress ar-for-wordpress allows Upload a Web Shell to a Web Server.This issue affects AR For WordPress: from n/a through = 8.34...

9.6CVSS5.2AI score0.00159EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/07/01 9:52 p.m.5 views

WordPress Alone theme <= 7.8.2 - Arbitrary Code Execution Vulnerability

Arbitrary Code Execution Vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Theme Alone versions = 7.8.2...

7.2CVSS7.2AI score0.00196EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/26 12:0 a.m.15 views

The vulnerability of the VS6ComFile!MakeItemGlidZahyou() function in the HMI configuration software for Monitouch V-SFT allows a malicious individual to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of the VS6ComFile!MakeItemGlidZahyou function in the HMI configuration software for Monitouch V-SFT lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information, execute...

7.8CVSS7.8AI score0.00191EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 5:37 a.m.8 views

CVE-2017-17060

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Insecure Permissions...

9.8CVSS6.9AI score0.01227EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.8 views

PT-2025-2809 · Blackberry · Qnx Sdp

Name of the Vulnerable Software and Affected Versions: QNX SDP versions 7.0 through 8.0 Description: The issue is related to an out-of-bounds read in the TIFF image codec, which could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the imag...

7.5CVSS6.9AI score0.00353EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.10 views

PT-2025-2808 · Blackberry · Qnx Sdp

Name of the Vulnerable Software and Affected Versions: QNX SDP versions 7.0 through 8.0 Description: The issue is related to an off-by-one error in the TIFF image codec, which could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image...

7.5CVSS7AI score0.00353EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/08/02 12:0 a.m.9 views

PT-2024-28027 · Cloudlink · Cloudlink

Name of the Vulnerable Software and Affected Versions: CloudLink versions 7.1.x through 8.x Description: The issue is related to an improper check or handling of exceptional conditions in the Cluster Component. A highly privileged malicious user with remote access could potentially exploit this,...

7.2CVSS6.9AI score0.00372EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/05/16 12:0 a.m.8 views

PT-2024-25671 · Webtop +1 · Webtop +1

Name of the Vulnerable Software and Affected Versions: NethServer versions 7 through 8 Description: The issue concerns stored cross-site scripting XSS in the WebTop package. This can be exploited, for example, via the Subject field of an e-mail message. NethServer is an operating system designed...

8.8CVSS5.5AI score0.01191EPSS
Exploits1References5
OSV
OSV
added 2023/06/01 9:15 p.m.5 views

CVE-2023-29723

The Glitter Unicorn Wallpaper app for Android 7.0 thru 8.0 allows unauthorized applications to actively request permission to insert data into the database that records information about a user's personal preferences and will be loaded into memory to be read and used when the application is opene...

7.5CVSS7.1AI score0.00845EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/06/01 12:0 a.m.6 views

Glitter Unicorn Wallpaper 安全漏洞

Glitter unicorn wallpaper is a wallpaper application. A security vulnerability exists in Glitter Unicorn Wallpaper versions 7.0 through 8.0, which stems from a vulnerability that allows an unauthorized application to actively request permissions to insert data into a database, which could allow a...

7.5CVSS7.3AI score0.00845EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/03/27 12:0 a.m.5 views

Openfind Mail2000 跨站脚本漏洞

Openfind Mail2000 is a Web-based e-mail system. A cross-site scripting vulnerability exists in Openfind Mail2000 versions 7 and V8, which stems from insufficient filtering of user input by the file upload feature...

5.4CVSS5.2AI score0.00429EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/09/12 12:0 a.m.3 views

IBM WebSphere Application Server 跨站脚本漏洞

IBM WebSphere Application Server WAS is an application server product of the American International Business Machines IBM Corporation. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. IBM WebSphere Application Server...

5.4CVSS6AI score0.00427EPSS
Exploits0References6
OSV
OSV
added 2021/07/22 12:15 p.m.6 views

CVE-2021-22523

XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow the control of web browser and hijacking user sessions...

7.6CVSS7.1AI score0.00811EPSS
Exploits0References1
Rows per page
Query Builder