CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

RedhatCVE•added 2025/10/15 9:37 p.m.•7 views

CVE-2025-60535

A Cross-Site Request Forgery CSRF in the component /endpoints/currency/currency of Wallos v4.1.1 allows attackers to execute arbitrary operations via a crafted GET request...

7.3CVSS7.3AI score0.00167EPSS

Exploits0References1

Positive Technologies•added 2025/10/14 12:0 a.m.•6 views

PT-2025-42158

A Cross-Site Request Forgery CSRF in the component /endpoints/currency/currency of Wallos v4.1.1 allows attackers to execute arbitrary operations via a crafted GET request...

7.3CVSS7.3AI score0.00167EPSS

Exploits0References4

RedhatCVE•added 2025/05/23 7:8 a.m.•7 views

CVE-2024-57386

Cross Site Scripting vulnerability in Wallos v.2.41.0 allows a remote attacker to execute arbitrary code via the profile picture function...

6.1CVSS7.3AI score0.00444EPSS

Exploits1References1

CVE•added 2025/01/23 12:0 a.m.•62 views

CVE-2024-57386

CVE-2024-57386 affects Wallos v2.41.0. A Cross Site Scripting vulnerability in the profile picture function allows a remote attacker to execute arbitrary code. The issue is documented across multiple sources (NVD, Red Hat, OSV, CNNVD, etc.). Exploitation vectors are not detailed beyond the profil...

6.1CVSS7.5AI score0.00444EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2025/01/23 12:0 a.m.•10 views

CVE-2024-57386

Cross Site Scripting vulnerability in Wallos v.2.41.0 allows a remote attacker to execute arbitrary code via the profile picture function...

6.5AI score0.00444EPSS

Exploits1References1

OSV•added 2024/02/23 3:15 p.m.•2 views

CVE-2024-22776

Wallos 0.9 is vulnerable to Cross Site Scripting XSS in all text-based input fields without proper validation, excluding those requiring specific formats like date fields...

4.7CVSS5.8AI score0.00474EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by