Lucene search
K

8 matches found

Cvelist
Cvelist
added 2026/01/12 10:5 p.m.21 views

CVE-2026-22799 emlog Arbitrary File Upload Vulnerability

Emlog is an open source website building system. emlog v2.6.1 and earlier exposes a REST API endpoint /index.php?rest-api=upload for media file uploads. The endpoint fails to implement proper validation of file types, extensions, and content, allowing authenticated attackers with a valid API key ...

9.3CVSS0.00627EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-6245

Malware in sbrugna...

6.1CVSS6.3AI score0.01177EPSS
Exploits2References3
OSV
OSV
added 2025/07/18 8:15 a.m.1 views

CVE-2024-27779

An insufficient session expiration vulnerability CWE-613 in FortiSandbox FortiSandbox version 4.4.4 and below, version 4.2.6 and below, 4.0 all versions, 3.2 all versions and FortiIsolator version 2.4 and below, 2.3 all versions, 2.2 all versions, 2.1 all versions, 2.0 all versions, 1.2 all...

6.7CVSS5.8AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:28 a.m.10 views

CVE-2019-15233

The Live:Text Box macro in the Old Street Live Input Macros app before 2.11 for Confluence has XSS, leading to theft of the Administrator Session Cookie...

6.1CVSS6.9AI score0.01177EPSS
Exploits2References1
NVD
NVD
added 2019/08/20 2:15 p.m.17 views

CVE-2019-15233

The Live:Text Box macro in the Old Street Live Input Macros app before 2.11 for Confluence has XSS, leading to theft of the Administrator Session Cookie...

6.1CVSS6.3AI score0.01177EPSS
Exploits2References2
Prion
Prion
added 2019/08/20 2:15 p.m.17 views

Command injection

The Live:Text Box macro in the Old Street Live Input Macros app before 2.11 for Confluence has XSS, leading to theft of the Administrator Session Cookie...

4.3CVSS6.2AI score0.01177EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2019/08/20 1:28 p.m.52 views

CVE-2019-15233

CVE-2019-15233 affects the Live:Text Box macro in Old Street Live Input Macros for Confluence, with XSS in versions before 2.11 that can steal an Administrator session cookie. The issue arises from injected JavaScript in a Confluence element, enabling session hijacking when a page containing the ...

6.1CVSS6.2AI score0.01177EPSS
Exploits2References2Affected Software1
CNVD
CNVD
added 2016/11/14 12:0 a.m.2 views

WordPress W3 Total Cache Plugin Competitive Conditions Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports the PHP and MySQL servers to set up a personal blog site.W3 Total Cache is one of the blog optimization plug-ins. A competitive condition vulnerability exists in...

6.3AI score
Exploits0References1
Rows per page
Query Builder