Lucene search
K

186 matches found

Positive Technologies
Positive Technologies
added 2024/06/27 12:0 a.m.4 views

PT-2024-28370 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in the component "/admin/userSys deal.php?mudi=infoSet". This allows for potential unauthorized actions on the affected system. Recommendations: For idccm...

8.8CVSS6.7AI score0.00296EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/06/25 12:0 a.m.5 views

PT-2024-34002 · Ipswitch · Whatsup Gold

Name of the Vulnerable Software and Affected Versions: WhatsUp Gold versions prior to 2023.1.3 Description: A path traversal issue exists, allowing information disclosure through a specially crafted unauthenticated HTTP request to the AppProfileImport endpoint. Recommendations: For versions prior...

6.5CVSS7.1AI score0.01636EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/06/18 12:0 a.m.6 views

PT-2024-37404 · Unknown · Spa-Cartcms

Name of the Vulnerable Software and Affected Versions: spa-cartcms version 1.9.0.6 Description: A problematic issue has been found in the Checkout Page component, affecting the processing of the file /checkout. The manipulation of the quantity argument with the input -10 leads to enforcement of...

6.9CVSS7.3AI score0.00537EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/06/18 12:0 a.m.5 views

PT-2024-4825 · Jetbrains · Youtrack

Name of the Vulnerable Software and Affected Versions: JetBrains YouTrack versions prior to 2024.2.34646 Description: The issue is related to insufficient protection of registration data in the Access Token Handler component. This could allow a remote attacker to gain unauthorized access to...

7.5CVSS7.5AI score0.00443EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/06/13 12:0 a.m.7 views

PT-2024-27466 · WordPress · Cooked Pro

Name of the Vulnerable Software and Affected Versions: The Cooked Pro recipe plugin for WordPress versions up to, and including, 1.7.15.4 Description: The issue is related to Persistent Cross-Site Scripting XSS via the recipe settingspost title parameter due to insufficient input sanitization and...

5.4CVSS6AI score0.00426EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/06/06 12:0 a.m.13 views

PT-2024-22759 · Djl · Djl

Name of the Vulnerable Software and Affected Versions: djl version 0.26.0 Description: A TarSlip vulnerability exists in the djl library, allowing an attacker to manipulate file paths within tar archives to overwrite arbitrary files on the target system. This could lead to remote code execution,...

8.8CVSS8AI score0.00917EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/06/03 12:0 a.m.4 views

PT-2024-27138 · Trendnet · Tew-827Dru

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-827DRU versions 2.06B04 and earlier Description: The issue is a stack-based buffer overflow in the ssi binary, allowing an authenticated user to execute arbitrary code. This can be achieved by sending a POST request to "apply.cgi...

6.3CVSS7.8AI score0.05049EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/05/30 12:0 a.m.9 views

PT-2024-26458 · Unknown · Diño Physics School Assistant

Name of the Vulnerable Software and Affected Versions: Diño Physics School Assistant version 2.3 Description: A vulnerability has been discovered that impacts an unidentified code within the file /classes/Master.php?f=view item. Manipulating the argument id can result in SQL injection...

9.8CVSS7.4AI score0.00429EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/05/30 12:0 a.m.6 views

PT-2024-4750 · Splunk · Splunk Cloud Platform +1

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.2.2 Splunk Enterprise versions prior to 9.1.5 Splunk Enterprise versions prior to 9.0.10 Splunk Cloud Platform versions prior to 9.1.2312.200 Splunk Cloud Platform versions prior to 9.1.2308.207...

5.5CVSS6.8AI score0.00302EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/05/29 12:0 a.m.6 views

PT-2024-3973

Name of the Vulnerable Software and Affected Versions NGINX Plus affected versions not specified NGINX OSS affected versions not specified Description The issue is related to the HTTP/3 QUIC module in NGINX Plus and NGINX OSS. It involves undisclosed HTTP/3 encoder instructions that can cause NGI...

7.8CVSS7.5AI score0.00848EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 2024/05/24 12:0 a.m.4 views

PT-2024-35105 · WordPress · Html5 Video Player

Name of the Vulnerable Software and Affected Versions: Videojs HTML5 Player plugin for WordPress versions up to, and including, 1.1.11 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's videojs video shortcode. This...

6.4CVSS6.9AI score0.00342EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/05/17 12:0 a.m.10 views

PT-2024-9211 · Sonatype · Sonatype Nexus Repository

Name of the Vulnerable Software and Affected Versions: Sonatype Nexus Repository 2 versions up to and including 2.15.1 Description: A Remote Code Execution issue has been discovered, related to incorrect code generation management. This allows a remote attacker to execute arbitrary code by...

7.1CVSS8.6AI score0.01956EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2024/05/15 12:0 a.m.4 views

PT-2024-26321 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in the component "/homePro deal.php" with parameters mudi and nohrefStr. This allows for unauthorized requests to be made. Recommendations: For idccms...

6.5CVSS7.1AI score0.0019EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/05/07 12:0 a.m.4 views

PT-2024-25125 · Roothub · Roothub

Name of the Vulnerable Software and Affected Versions: Roothub version 2.6 Description: A SQL injection issue was discovered via the nodeTitle parameter in the parentNode function. This allows for potential exploitation. Recommendations: For Roothub version 2.6, as a temporary workaround, conside...

9.8CVSS8AI score0.00503EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/05/06 12:0 a.m.4 views

PT-2024-31444 · Unknown · Campcodes Complete Web-Based School Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A vulnerability was found in the system, classified as problematic. It affects some unknown functionality of the file /view/timetable.php. The manipulation of the...

6.1CVSS4.3AI score0.00614EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/04/25 12:0 a.m.8 views

PT-2024-4001 · Portainer +1 · Portainer +1

Name of the Vulnerable Software and Affected Versions: Portainer versions prior to 2.20.0 Description: The issue is related to the use of open redirects in the Portainer container management platform. This could allow an attacker to redirect a user to an arbitrary site. The problem is associated...

9.1CVSS9.5AI score0.00623EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.6 views

PT-2024-26384

Name of the Vulnerable Software and Affected Versions Campcodes Online Event Management System version 1.0 Description A critical issue has been discovered, affecting the /api/process.php file. The manipulation of the userId argument leads to sql injection, allowing remote attacks. The issue has...

8.8CVSS6.5AI score0.00675EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2024/04/03 12:0 a.m.2 views

PT-2024-24216 · Totolink · Totolink Ex200

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX200 version 4.0.3c.7646 B20201211 Description: A remote code execution RCE issue was discovered, which can be exploited via the webWlanIdx parameter in the setWebWlanIdx function. Recommendations: For TOTOLINK EX200 version...

8.8CVSS7.9AI score0.00926EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/04/01 12:0 a.m.5 views

PT-2024-23648 · Netentsec · Netentsec Ns-Asg

Name of the Vulnerable Software and Affected Versions: netentsec NS-ASG version 6.3 Description: The issue is related to SQL Injection, which can be exploited via the "/admin/address interpret.php" API endpoint. There is no information provided about the estimated number of potentially affected...

8.8CVSS7.2AI score0.0067EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/03/22 12:0 a.m.6 views

PT-2024-22365 · Unknown · Lakernote Easyadmin

Name of the Vulnerable Software and Affected Versions: lakernote EasyAdmin up to 20240315 Description: A critical vulnerability has been found in lakernote EasyAdmin. This affects an unknown part of the file /ureport/designer/saveReportFile. The manipulation of the file argument leads to path...

8.8CVSS6.6AI score0.00733EPSS
Exploits2References9
Rows per page
Query Builder