CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

31 matches found

Personal Weather Station Dashboard 12 - Directory Traversal

Personal Weather Station Dashboard 12lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/test.php, as demonstrated by reading the server's private SSL key in cleartext. id: CVE-2025-47423 info: name: Personal Weather...

5.8CVSS7.9AI score0.01155EPSS

Exploits1References2

RedhatCVE•added 2026/01/09 9:31 a.m.•1 views

CVE-2023-25478

Cross-Site Request Forgery CSRF vulnerability in Jason Rouet Weather Station plugin = 3.8.12 versions...

8.8CVSS7AI score0.00094EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-29433

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00094EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-13912

Malicious code in bioql PyPI...

5.8CVSS9AI score0.01155EPSS

Exploits1References4

RedhatCVE•added 2025/05/09 12:28 a.m.•13 views

CVE-2025-47423

5.8CVSS7.2AI score0.01155EPSS

Exploits1References1

NVD•added 2025/05/07 6:15 p.m.•14 views

CVE-2025-47423

5.8CVSS0.01155EPSS

Exploits1References2

CVE•added 2025/05/07 12:0 a.m.•90 views

CVE-2025-47423

CVE-2025-47423 affects Personal Weather Station Dashboard (12_lts). A directory traversal fault in /others/_test.php (test parameter) allows unauthenticated remote readers to access arbitrary files, including server private keys. Root cause: insufficient sanitization of the test parameter enablin...

5.8CVSS5.8AI score0.01155EPSS

Exploits1References2

Positive Technologies•added 2025/05/07 12:0 a.m.•4 views

PT-2025-20287 · Unknown · Pws Personal Weather Station Dashboard

Name of the Vulnerable Software and Affected Versions: Personal Weather Station Dashboard version 12 lts Description: The issue allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to "/others/ test.php". This can be exploited to read...

5.8CVSS9.2AI score0.01155EPSS

Exploits1References7

CNNVD•added 2025/05/07 12:0 a.m.•3 views

Personal Weather Station Dashboard 安全漏洞

Personal Weather Station Dashboard PWSDashboard is a data-rich weather dashboard from the PWSDashboard open source. A security vulnerability exists in Personal Weather Station Dashboard, which stems from a directory traversal vulnerability in /test.php that could lead to reading arbitrary files...

5.8CVSS9AI score0.01155EPSS

Exploits1References3

Vulnrichment•added 2025/05/07 12:0 a.m.•8 views

CVE-2025-47423

5.8CVSS5.8AI score0.01155EPSS

Exploits1References2

Cvelist•added 2025/05/07 12:0 a.m.•12 views

CVE-2025-47423

5.8CVSS0.01155EPSS

Exploits1References2

Positive Technologies•added 2025/02/25 12:0 a.m.•6 views

PT-2025-22369

Name of the Vulnerable Software and Affected Versions Smartbedded Meteobridge versions prior to 6.2 Description The Meteobridge web interface is susceptible to a command injection flaw. This allows remote, unauthenticated attackers to execute arbitrary commands with elevated privileges root on...

8.8CVSS8.2AI score0.43919EPSS

Exploits3References66

OSV•added 2023/07/10 4:15 p.m.•1 views

CVE-2023-25478

Cross-Site Request Forgery CSRF vulnerability in Jason Rouet Weather Station plugin = 3.8.12 versions...

8.8CVSS7.3AI score0.00094EPSS

Exploits0References1

NVD•added 2023/07/10 4:15 p.m.•13 views

CVE-2023-25478

Cross-Site Request Forgery CSRF vulnerability in Jason Rouet Weather Station plugin = 3.8.12 versions...

8.8CVSS5.8AI score0.00094EPSS

Exploits0References1

Prion•added 2023/07/10 4:15 p.m.•15 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Jason Rouet Weather Station plugin = 3.8.12 versions...

6.8CVSS8.7AI score0.00094EPSS

Exploits0References1Affected Software1

CVE•added 2023/07/10 12:44 p.m.•111 views

CVE-2023-25478

CVE-2023-25478 corresponds to a Cross-Site Request Forgery (CSRF) in the Weather Station WordPress plugin, affected versions

8.8CVSS6.5AI score0.00094EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/07/10 12:44 p.m.•16 views

CVE-2023-25478 WordPress Weather Station Plugin <= 3.8.12 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Jason Rouet Weather Station plugin = 3.8.12 versions...

4.3CVSS9AI score0.00094EPSS

Exploits0References1

CNNVD•added 2023/07/10 12:0 a.m.•1 views

Wrodpress Plugin Weather Station 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

8.8CVSS8.1AI score0.00094EPSS

Exploits0References2

Positive Technologies•added 2023/07/10 12:0 a.m.•2 views

PT-2023-20096 · Unknown · Jason Rouet Weather Station

Name of the Vulnerable Software and Affected Versions: Jason Rouet Weather Station plugin versions = 3.8.12 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended actions on the web...

8.8CVSS8.9AI score0.00094EPSS

Exploits0References3

CNNVD•added 2023/04/25 12:0 a.m.•2 views

Personal Weather Station Dashboard 信任管理问题漏洞

Personal Weather Station Dashboard PWSDashboard is a data-rich weather dashboard from PWSDashboard open source. A security vulnerability exists in Personal Weather Station Dashboard. An attacker can exploit this vulnerability to execute remote code by injecting PHP code into settings.php...

7.2CVSS7.5AI score0.02693EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by