Lucene search
+L

60 matches found

Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.7 views

PT-2026-20817

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the ID parameter. Attackers can craft requests to the /manage/ips/appid/ endpoint with script payloads in the ID parameter to execut...

6.1CVSS5.6AI score0.00384EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2018-17147

Malware in sbrugna...

6.1CVSS6.3AI score0.00829EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2009-1901

Malware in sbrugna...

4.3CVSS6.1AI score0.01972EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-9017

Malware in sbrugna...

9.8CVSS9.5AI score0.03001EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2015-1714

Malware in sbrugna...

4.3CVSS6.3AI score0.01651EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-2201

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00688EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 7:9 a.m.10 views

CVE-2018-5375

Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecpspace.php appid parameter in a delete action...

6.1CVSS5.9AI score0.00829EPSS
Exploits1References1
OSV
OSV
added 2025/04/04 12:15 a.m.4 views

CVE-2025-3186

A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /patient/invoice.php. The manipulation of the argument appid leads to sql injection. The attack can be...

9.8CVSS5.8AI score0.00514EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/04/04 12:0 a.m.4 views

Project Worlds Online Doctor Appointment Booking System 安全漏洞

Project Worlds Online Doctor Appointment Booking System is an online doctor appointment booking system from Project Worlds, Inc. A security vulnerability exists in Project Worlds Online Doctor Appointment Booking System version 1.0, which stems from an incorrect manipulation of the parameter appi...

9.8CVSS7.8AI score0.00514EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/04/03 12:0 a.m.5 views

PT-2025-14818 · Unknown · Projectworlds Online Doctor Appointment Booking System

Name of the Vulnerable Software and Affected Versions: projectworlds Online Doctor Appointment Booking System version 1.0 Description: A critical issue was found in the projectworlds Online Doctor Appointment Booking System. The vulnerability affects an unknown functionality of the file...

9.8CVSS7.8AI score0.00514EPSS
Exploits1References12
OSV
OSV
added 2024/10/31 11:15 p.m.6 views

CVE-2024-10600

A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.6. Affected is an unknown function of the file pda/appcenter/submenu.php. The manipulation of the argument appid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS5.7AI score0.06282EPSS
Exploits1References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/11 3:48 a.m.9 views

Malicious code in sap-appid (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6320c6ca957bf59f7842fdf23a8839fb30c8aee7f82d14bc2066d1c4d1505b11 The OpenSSF Package Analysis project identified 'sap-appid' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
Github Security Blog
Github Security Blog
added 2023/08/17 9:30 p.m.30 views

PowerJob incorrect access control vulnerability

An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list...

7.5CVSS6.6AI score0.00688EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/08/17 8:15 p.m.5 views

CVE-2023-36106

An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list...

7.5CVSS5.8AI score0.00688EPSS
Exploits0References3
NVD
NVD
added 2023/08/17 8:15 p.m.36 views

CVE-2023-36106

An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list...

7.5CVSS7.4AI score0.00688EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/08/17 12:0 a.m.33 views

CVE-2023-36106

An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list...

7.5AI score0.00688EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/25 12:0 a.m.20 views

Juniper Junos OS Vulnerability (JSA70592)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70592 advisory. - An Improperly Controlled Sequential Memory Allocation vulnerability in the Juniper Networks Deep Packet Inspection-Decoder JDPI-Decoder Application Signature component of...

5.3CVSS5.8AI score0.00562EPSS
Exploits0References2
Prion
Prion
added 2023/04/17 10:15 p.m.15 views

Memory corruption

An Improperly Controlled Sequential Memory Allocation vulnerability in the Juniper Networks Deep Packet Inspection-Decoder JDPI-Decoder Application Signature component of Junos OS's AppID service on SRX Series devices will stop the JDPI-Decoder from identifying dynamic application traffic, allowi...

5CVSS5.5AI score0.00562EPSS
Exploits0References3Affected Software3
NVD
NVD
added 2022/12/02 9:15 p.m.26 views

CVE-2022-4216

The Chained Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'facebookappid' parameter in versions up to, and including, 1.3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative...

5.5CVSS0.00642EPSS
Exploits1References5
OSV
OSV
added 2022/12/02 9:15 p.m.9 views

CVE-2022-4216

The Chained Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'facebookappid' parameter in versions up to, and including, 1.3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative...

4.8CVSS5.9AI score0.00642EPSS
Exploits1References4
Rows per page
Query Builder