Lucene search
K

8 matches found

CNNVD
CNNVD
added 2025/08/01 12:0 a.m.7 views

Kloxo 安全漏洞

Kloxo is an open source hosting platform from LxCenter. A security vulnerability exists in Kloxo versions 6.1.12 and earlier, which stems from a local elevation of privilege issue in the lxsuexec and lxrestart binaries that could lead to the execution of arbitrary commands...

8.5CVSS6.9AI score0.0035EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/06/25 12:0 a.m.4 views

Incus 安全漏洞

Incus is an LXC open source system container and virtual machine manager. A security vulnerability exists in Incus versions 6.12 and 6.13, which stems from a partial bypass of security options in the nftables rule and could lead to ARP spoofing...

8.1CVSS6AI score0.00195EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/09/24 12:0 a.m.3 views

PT-2024-32285 · Unknown · Rocket.Chat

Name of the Vulnerable Software and Affected Versions: Rocket.Chat versions 6.12.0 and earlier Description: The issue is related to DOM-based Cross-site Scripting XSS. Attackers may be able to abuse the UpdateOTRAck method to forge a message that contains an XSS payload. Recommendations: For...

6.1CVSS5.8AI score0.00348EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/05/08 12:0 a.m.7 views

PT-2024-20987 · Ruvaroa · Ruvaroa

Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: A SQL injection issue was discovered via the project id parameter at the "/ProjectManage/pm gatt inc.aspx" API endpoint. This allows for potential exploitation. No information is provided about...

8.1CVSS7.5AI score0.00591EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/05/08 12:0 a.m.8 views

PT-2024-20990 · Ruvaroa · Ruvaroa

Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/WorkFlow/wf office file history show.aspx" API endpoint. Recommendations...

9.8CVSS7.4AI score0.00608EPSS
Exploits1References4
Patchstack
Patchstack
added 2024/04/01 5:3 a.m.8 views

WordPress Ecwid Ecommerce Shopping Cart plugin <= 6.12.10 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

AuthenticatedContributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Krzysztof Zając in WordPress Plugin Ecwid Shopping Cart versions = 6.12.10...

6.4CVSS6.5AI score0.00353EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/02/28 12:0 a.m.5 views

PT-2024-14186 · Ecwid · Ecwid Ecommerce Shopping Cart

Name of the Vulnerable Software and Affected Versions: Ecwid Ecommerce Shopping Cart versions through 6.12.4 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability in Ecwid Ecommerce Shopping Cart. This type of vulnerability allows an attacker to trick a user into performing...

6.1CVSS7.1AI score0.00183EPSS
Exploits0References8
OSV
OSV
added 2023/04/28 3:15 p.m.4 views

CVE-2023-0834

Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on MacOS allows Privilege Escalation.This issue affects Workforce Access: from 6.12 before 8.1...

9.8CVSS5.8AI score0.00319EPSS
Exploits0References1
Rows per page
Query Builder