Lucene search
+L

564 matches found

Openbugbounty
Openbugbounty
added 2018/06/22 6:43 a.m.11 views

kladskolan.se Improper Access Control vulnerability

Open Bug Bounty ID: OBB-635208 Description| Value ---|--- Affected Website:| kladskolan.se Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Other Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:| 6.5...

0.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/06/21 9:37 p.m.10 views

bekkerveldfestival.nl Improper Access Control vulnerability

Open Bug Bounty ID: OBB-635101 Description| Value ---|--- Affected Website:| bekkerveldfestival.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Other Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:| 6.5...

0.1AI score
Exploits0
OSV
OSV
added 2018/05/28 4:29 p.m.3 views

CVE-2018-11309

Blind SQL injection in couponcode in the MemberMouse plugin 2.2.8 and prior for WordPress allows an unauthenticated attacker to dump the WordPress MySQL database via an applyCoupon action in an admin-ajax.php request...

9.8CVSS5.8AI score0.0218EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.26 views

WordPress Plugin Woo Import Export 1.0 - Arbitrary File Deletion

...

7.4AI score
Exploits0
CNVD
CNVD
added 2018/04/16 12:0 a.m.6 views

joyplus-cms cross-site scripting vulnerability (CNVD-2018-08698)

joyplus-cms joy video is an open source video backend management system based on PHP and MySQL. The system has a video resource acquisition , user feedback management , automatic address resolution and message push management and other functions . A cross-site scripting vulnerability exists in...

4.8CVSS6.8AI score0.0064EPSS
Exploits1References1
CNVD
CNVD
added 2018/03/29 12:0 a.m.5 views

WordPress WooCommerce Products Filter Plugin File Inclusion Vulnerability

WordPress is the WordPress Software Foundation a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . WooCommerce Products Filter aka WOOF plugin is to use one of the conditional filtering plugin . A file inclusion...

9.8CVSS6.3AI score0.01986EPSS
Exploits0References1
CNVD
CNVD
added 2018/03/19 12:0 a.m.7 views

joyplus-cms cross-site scripting vulnerability

joyplus-cms joy video is an open source video backend management system based on PHP and MySQL. The system has a video resource acquisition , user feedback management , automatic address resolution and message push management and other functions . A cross-site scripting vulnerability exists in...

4.8CVSS6AI score0.0064EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2018/03/18 6:29 a.m.5 views

CVE-2018-8767

joyplus-cms 1.6.0 has XSS in manager/adminajax.php?action=save&tab=prevodtype via the tname parameter...

4.8CVSS5.4AI score0.0064EPSS
Exploits1References2
OSV
OSV
added 2018/03/18 6:29 a.m.4 views

CVE-2018-8767

joyplus-cms 1.6.0 has XSS in manager/adminajax.php?action=save&tab=prevodtype via the tname parameter...

4.8CVSS5.8AI score0.0064EPSS
Exploits1References1
Openbugbounty
Openbugbounty
added 2018/02/26 1:15 a.m.12 views

carranza.com.ec XSS vulnerability

Open Bug Bounty ID: OBB-568428 Description| Value ---|--- Affected Website:| carranza.com.ec Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/02/26 12:30 a.m.20 views

induscs.ca XSS vulnerability

Open Bug Bounty ID: OBB-568379 Description| Value ---|--- Affected Website:| induscs.ca Vulnerable Application:| WordPress Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosure based on I...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/02/04 1:12 p.m.12 views

thestyledivision.com XSS vulnerability

Open Bug Bounty ID: OBB-552737 Description| Value ---|--- Affected Website:| thestyledivision.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| newsmag theme from tagdiv Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/02/04 12:23 p.m.10 views

pikio.pl XSS vulnerability

Open Bug Bounty ID: OBB-552726 Description| Value ---|--- Affected Website:| pikio.pl Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosure based on ISO 29147 guidelines Remediation Guide...

6.2AI score
Exploits0
OSV
OSV
added 2018/01/27 5:29 p.m.5 views

CVE-2018-6357

The acxasmwsaveordercallback function in function.php in the acurax-social-media-widget plugin before 3.2.6 for WordPress has CSRF via the recordsArray parameter to wp-admin/admin-ajax.php, with resultant socialwidgeticonarrayorder XSS...

8.8CVSS5.8AI score0.00649EPSS
Exploits1References2
CNVD
CNVD
added 2018/01/17 12:0 a.m.5 views

WordPress weblizar-pinterest-feeds plugin cross-site scripting vulnerability (CNVD-2018-01274)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site. weblizar-pinterest-feeds plugin is used in one of the plugin for displaying Pinterest data. A cross-site scriptin...

6.1CVSS6AI score0.00954EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/17 12:0 a.m.4 views

WordPress weblizar-pinterest-feeds plugin cross-site request forgery vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site. weblizar-pinterest-feeds plugin is used in one of the plugin for displaying Pinterest data. A cross-site request...

8.8CVSS6.7AI score0.00604EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/17 12:0 a.m.6 views

WordPress weblizar-pinterest-feeds plugin cross-site scripting vulnerability (CNVD-2018-01275)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site. weblizar-pinterest-feeds plugin is used in one of the plugin for displaying Pinterest data. A cross-site scriptin...

6.1CVSS6AI score0.0078EPSS
Exploits1References1
OSV
OSV
added 2018/01/16 9:29 a.m.6 views

CVE-2017-18032

The download-manager plugin before 2.9.52 for WordPress has XSS via the id parameter in a wpdmgeneratepassword action to wp-admin/admin-ajax.php...

6.1CVSS5.8AI score0.00924EPSS
Exploits1References2
OSV
OSV
added 2018/01/13 12:29 a.m.4 views

CVE-2018-5654

An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php PFFREEAccessToken parameter...

6.1CVSS5.8AI score0.00954EPSS
Exploits1References2
OSV
OSV
added 2018/01/13 12:29 a.m.3 views

CVE-2018-5653

An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php weblizarpffreesettingssaveget-users parameter...

6.1CVSS5.8AI score0.00954EPSS
Exploits1References2
Rows per page
Query Builder