343 matches found

RedhatCVE
added 2025/11/19 9:9 a.m., 11 views

CVE-2025-12411

The Premmerce Wholesale Pricing for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'ID' parameter in versions up to, and including, 1.1.10. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Th...

CVSS 7.1, AI score 6.7, EPSS 0.0023
Exploits: 0, References: 1

NVD
added 2025/10/30 10:15 p.m., 5 views

CVE-2023-53690

Nagios Fusion versions prior to 4.2.0 contain a stored cross-site scripting (XSS) vulnerability in the LDAP/AD authentication-server configuration. Unsanitized user input can be stored and later rendered in the administrative UI, causing JavaScript to execute in the browser of any user who views th...

CVSS 6.2, EPSS 0.00781
Exploits: 0, References: 3

OSV
added 2025/10/30 4:15 p.m., 5 views

CVE-2025-46363

Dell Secure Connect Gateway SCG 5.0 Application and Appliance versions 5.26.00.00 - 5.30.00.00, contain a Relative Path Traversal vulnerability in the SCG exposed for an internal collection download REST API if this REST API is enabled by Admin user from UI. A low privileged attacker with remote...

CVSS 4.3, AI score 5.9, EPSS 0.00275
Exploits: 0, References: 1

Cvelist
added 2025/10/30 3:22 p.m., 4 views

CVE-2025-46363

Dell Secure Connect Gateway SCG 5.0 Application and Appliance versions 5.26.00.00 - 5.30.00.00, contain a Relative Path Traversal vulnerability in the SCG exposed for an internal collection download REST API if this REST API is enabled by Admin user from UI. A low privileged attacker with remote...

CVSS 4.3, EPSS 0.00275
Exploits: 0, References: 1

Cvelist
added 2025/10/27 8:32 a.m., 11 views

CVE-2025-12251 OpenWGA Admin UI cross site scripting

A vulnerability has been found in OpenWGA 7.11.12 Build 737. This impacts an unknown function of the component Admin UI. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted ear...

CVSS 5.1, EPSS 0.00227
Exploits: 0, References: 4

CVE
added 2025/10/27 8:32 a.m., 10 views

CVE-2025-12251

OpenWGA 7.11.12 Build 737 — vulnerability in the Admin UI component enables cross-site scripting. The issue affects the Admin UI function; root cause is a flaw that allows remote execution of scripts. Impact is client-side data integrity/defense separation with potential for arbitrary script exec...

CVSS 5.1, AI score 5.2, EPSS 0.00227
Exploits: 0, References: 4

Vulnrichment
added 2025/10/27 8:32 a.m., 2 views

CVE-2025-12251 OpenWGA Admin UI cross site scripting

A vulnerability has been found in OpenWGA 7.11.12 Build 737. This impacts an unknown function of the component Admin UI. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted ear...

CVSS 5.1, AI score 3.5, EPSS 0.00227
Exploits: 0, References: 4

Positive Technologies
added 2025/10/27 12:0 a.m., 6 views

PT-2025-43909

Name of the Vulnerable Software and Affected Versions: OpenWGA version 7.11.12 Build 737. Description: A security issue exists in OpenWGA that allows for cross site scripting. The issue impacts an unknown function within the Admin UI component and can be initiated remotely. The exploit for this issu...

CVSS 5.1, AI score 5.1, EPSS 0.00227
Exploits: 0, References: 7

EUVD
added 2025/10/17 5:59 p.m., 3 views

EUVD-2025-34902

ibexa/admin-ui has an XSS vulnerability in Cancel/Reschedule future publication modal...

AI score 5.9
Exploits: 0, References: 3

Snyk
added 2025/10/17 5:58 p.m., 3 views

Cross-site Scripting (XSS)

Overview: ezsystems/ezplatform-admin-ui is a package that is part of the eZ Platform Admin UI Bundle. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the reschedule/cancel-schedule modal in the back office interface. An attacker can execute arbitrary scripts by...

CVSS 8.3, AI score 5.5
Exploits: 0, References: 2

vulnersOsv
added 2025/10/17 5:39 p.m., 7 views

net.optionfactory.keycloak:optionfactory-keycloak-providers (>=8.1 <=8.9), org.keycloak.testframework:keycloak-test-framework-clustering (>=26.3.0 <=26.3.3) +23 more potentially affected by CVE-2025-10044 via org.keycloak:keycloak-admin-ui (>=26.3.0 <=26.3.3)

org.keycloak:keycloak-admin-ui MAVEN version =26.3.0, =8.1, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.3 and more. Source cves: CVE-2025-10044 https://vulners.com/c...

CVSS 4.3, AI score 5.8, EPSS 0.00291
Exploits: 0

vulnersOsv
added 2025/10/17 5:39 p.m., 4 views

com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak (=24.3.0.0), com.github.wnameless.spring.boot.up:spring-boot-up-keycloak-plugin (=24.3.0.0) +29 more potentially affected by CVE-2025-10044 via org.keycloak:keycloak-admin-ui (>=1.0-alpha-1-12062013 <=26.2.5)

org.keycloak:keycloak-admin-ui MAVEN version =1.0-alpha-1-12062013, =2.5.6-24.0, =0.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.2.0, =26.2.0, =26.1.0, =26.1.0, =26.2.5 and m...

CVSS 4.3, AI score 5.3, EPSS 0.00291
Exploits: 0

Veracode
added 2025/10/14 7:19 a.m., 6 views

Brute-Force Attack

ethycafides is vulnerable to brute-force attack. The vulnerability is due to the absence of specific anti-automation controls on the Admin UI login endpoint, which allows an attacker to perform credential testing attacks such as credential stuffing or password spraying to gain unauthorized access...

CVSS 6.5, AI score 7.3, EPSS 0.00277
Exploits: 0, References: 5, Affected Software: 1

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2018-3000

Malware in sbrugna...

CVSS 4.8, AI score 5.1, EPSS 0.00769
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2020-24090

Malware in sbrugna...

CVSS 6.1, AI score 4.7, EPSS 0.00926
Exploits: 0, References: 6

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-16596

Malware in sbrugna...

CVSS 6.1, AI score 6.3, EPSS 0.00681
Exploits: 0, References: 4

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-16595

Malware in sbrugna...

CVSS 6.1, AI score 6.3, EPSS 0.00944
Exploits: 1, References: 5

EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2020-11490

Malware in sbrugna...

CVSS 9, AI score 9, EPSS 0.01182
Exploits: 1, References: 2

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2015-7292

Malware in sbrugna...

CVSS 2.1, AI score 6.3, EPSS 0.00539
Exploits: 1, References: 6

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2020-0039

Malware in sbrugna...

CVSS 5.3, AI score 5.7, EPSS 0.04325
Exploits: 0, References: 6