Lucene search
K

65 matches found

NVD
NVD
added 2025/08/09 12:15 p.m.5 views

CVE-2025-8752

A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. It has been declared as critical. This vulnerability affects unknown code of the file /role/add. The manipulation leads to command injection. The attack can be initiated remotely. The...

9.8CVSS0.04804EPSS
Exploits1References4
CNVD
CNVD
added 2025/07/23 12:0 a.m.2 views

D-Link DI-8100 Buffer Overflow Vulnerability

The D-Link DI-8100 is an enterprise-class router from D-Link. A buffer overflow vulnerability exists in the D-Link DI-8100 version 1.0, which originates from an insufficient checksum of parameter mx in the sprintf function in the /ddns.asp?opt=add file of component jhttpd. The vulnerability can b...

9CVSS8.2AI score0.01122EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/07/20 12:0 a.m.5 views

D-Link DI-8100 安全漏洞

The D-Link DI-8100 is an enterprise-class router from D-Link. A buffer overflow vulnerability exists in the D-Link DI-8100 version 1.0, which originates from an insufficient checksum of parameter mx in the sprintf function in the /ddns.asp?opt=add file of component jhttpd. The vulnerability can b...

9CVSS8.1AI score0.01122EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/05/22 10:53 p.m.10 views

CVE-2022-32128

74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting XSS vulnerability via the path /company/service/increment/add/im...

6.1CVSS6.2AI score0.00617EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/04/27 12:0 a.m.4 views

Books-Management-System 代码注入漏洞

Books-Management-System is a book management system by withstars individual developers. A code injection vulnerability exists in Books-Management-System version 1.0, which originates from cross-site scripting due to a misbehavior of the parameter content in file/api/comment/add...

5.1CVSS4.9AI score0.00338EPSS
Exploits1References5
OSV
OSV
added 2024/03/13 4:15 p.m.2 views

CVE-2024-28680

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /dede/diyadd.php...

6.1CVSS6.6AI score0.00482EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.2 views

Desdev DedeCMS Security Breach

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has the functions of content publishing, content management, content editing and content retrieval. A security vulnerability exists ...

5.5CVSS6.8AI score0.00195EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/03/13 12:0 a.m.4 views

PT-2024-22507 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A Cross-Site Request Forgery CSRF issue was found in the /dede/media add.php component. This allows an attacker to perform unintended actions on the web application. Recommendations: For DedeCMS version 5.7, a...

5.5CVSS6.8AI score0.00195EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/08/24 12:0 a.m.5 views

Desdev DedeCMS 跨站脚本漏洞

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has content publishing, content management, content editing and content retrieval functions. A cross-site scripting vulnerability...

5.4CVSS5.3AI score0.00387EPSS
Exploits1References2
OSV
OSV
added 2022/12/03 6:15 p.m.3 views

CVE-2022-4278

A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /hrm/employeeadd.php. The manipulation of the argument empid leads to sql injection. The attack may be initiated remotely. The...

7.2CVSS5.7AI score0.00685EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/06/23 12:0 a.m.5 views

74cms 跨站脚本漏洞

74cms is a PHP and MySQL-based online recruitment system from China Xunyi Technology Company. 74cmsSE version v3.5.1 contains a cross-site scripting vulnerability, which originates from the path /company/service/increment/add/im missing data validation filters for user-supplied data and output. A...

6.1CVSS5.7AI score0.00617EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/04/25 1:15 p.m.2 views

CVE-2022-27428

A stored cross-site scripting XSS vulnerability in /index.php/album/add of GalleryCMS v2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the albumname parameter...

5.4CVSS6AI score0.00466EPSS
Exploits1References2
NVD
NVD
added 2021/07/15 8:15 p.m.17 views

CVE-2021-0282

On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon RPD crash and restart, causing a Denial of Service DoS. Continued receipt and processing of this UPDATE message will create a sustained Denial of...

7.5CVSS0.0095EPSS
Exploits0References1
Prion
Prion
added 2021/07/15 8:15 p.m.16 views

Path traversal

On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon RPD crash and restart, causing a Denial of Service DoS. Continued receipt and processing of this UPDATE message will create a sustained Denial of...

7.1CVSS7.5AI score0.0095EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/07/15 8:0 p.m.65 views

CVE-2021-0282

CVE-2021-0282 – Junos OS DoS via BGP UPDATE with Multipath/add-path enabled . Affects Juniper’s Junos OS where Multipath/add-path is enabled; processing a specific BGP UPDATE can crash and restart the routing process daemon (RPD), causing a DoS. Sustained receipt of the UPDATE can propagate the D...

7.5CVSS7.5AI score0.0095EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/07/15 8:0 p.m.18 views

CVE-2021-0282 Junos OS: RPD crash while processing a specific BGP UPDATE when Multipath or add-path features are enabled

On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon RPD crash and restart, causing a Denial of Service DoS. Continued receipt and processing of this UPDATE message will create a sustained Denial of...

7.5CVSS7.7AI score0.0095EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/05/06 12:0 a.m.6 views

Fork CMS 跨站脚本漏洞

Fork is an easy to use, open source CMS using Symfony components. A persistent cross-site scripting vulnerability exists in Fork CMS version 5.8.2. The vulnerability can be exploited to inject arbitrary Javascript code via the navigationtitle and title parameters in /private/en/pages/add...

6.1CVSS5.5AI score0.00844EPSS
Exploits0References1
OSV
OSV
added 2020/10/01 6:15 p.m.5 views

CVE-2020-15228

In the @actions/core npm module before version 1.2.6,addPath and exportVariable functions communicate with the Actions Runner over stdout by generating a string in a specific format. Workflows that log untrusted data to stdout may invoke these commands, resulting in the path or environment...

5CVSS5.9AI score0.01501EPSS
Exploits2References2
Prion
Prion
added 2020/10/01 6:15 p.m.18 views

Design/Logic Flaw

In the @actions/core npm module before version 1.2.6,addPath and exportVariable functions communicate with the Actions Runner over stdout by generating a string in a specific format. Workflows that log untrusted data to stdout may invoke these commands, resulting in the path or environment...

4CVSS5.3AI score0.01501EPSS
Exploits2References2Affected Software1
NVD
NVD
added 2017/05/30 2:29 p.m.12 views

CVE-2017-2302

On Juniper Networks products or platforms running Junos OS 12.1X46 prior to 12.1X46-D55, 12.1X47 prior to 12.1X47-D45, 12.3R13 prior to 12.3R13, 12.3X48 prior to 12.3X48-D35, 13.3 prior to 13.3R10, 14.1 prior to 14.1R8, 14.1X53 prior to 14.1X53-D40, 14.1X55 prior to 14.1X55-D35, 14.2 prior to...

7.8CVSS7.5AI score0.02132EPSS
Exploits0References3
Rows per page
Query Builder