Lucene search
+L

19 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2002-1372

Malware in sbrugna...

4.3CVSS6.1AI score0.01235EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-31385

Malicious code in bioql PyPI...

6.8CVSS6.4AI score0.00298EPSS
Exploits3References3
RedhatCVE
RedhatCVE
added 2025/09/27 12:48 a.m.9 views

CVE-2025-57692

PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser...

6.8CVSS6.4AI score0.00298EPSS
Exploits3References1
OSV
OSV
added 2025/09/26 9:30 p.m.3 views

GHSA-456V-F425-8MCV PiranhaCMS stored XSS

PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser...

6.8CVSS6.5AI score0.00298EPSS
Exploits3References4
Github Security Blog
Github Security Blog
added 2025/09/26 9:30 p.m.11 views

PiranhaCMS stored XSS

PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser...

6.8CVSS6.5AI score0.00298EPSS
Exploits3References4Affected Software1
NVD
NVD
added 2025/09/26 8:15 p.m.6 views

CVE-2025-57692

PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser...

6.8CVSS0.00298EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2025/09/26 12:0 a.m.1 views

CVE-2025-57692

PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser...

6AI score0.00298EPSS
Exploits3References2
Cvelist
Cvelist
added 2025/09/26 12:0 a.m.12 views

CVE-2025-57692

PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser...

0.00298EPSS
Exploits3References2
OSV
OSV
added 2025/09/26 12:0 a.m.6 views

CVE-2025-57692

PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser...

6.8CVSS6.5AI score0.00298EPSS
Exploits3References4
Positive Technologies
Positive Technologies
added 2025/09/26 12:0 a.m.5 views

PT-2025-39678

Name of the Vulnerable Software and Affected Versions PiranhaCMS version 12.0 Description The software contains a stored cross-site scripting XSS issue in the Text content block of Standard and Standard Archive Pages. This allows for the execution of arbitrary JavaScript in another user's browser...

6.8CVSS5.7AI score0.00298EPSS
Exploits3References11
CVE
CVE
added 2025/09/26 12:0 a.m.21 views

CVE-2025-57692

Affected software: PiranhaCMS 12.0 (self-hosted CMS). Vulnerability: Stored Cross-Site Scripting in the Text content block of Standard and Standard Archive Pages, exploitable via /manager/pages. Root cause (as per sources): Insufficient input filtering allowing stored XSS. Impact: Allows executio...

6.8CVSS6AI score0.00298EPSS
Exploits3References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/31 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-4390

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The WP Private Content Plus plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the...

5.3CVSS5.9AI score0.00329EPSS
Exploits0References3
NVD
NVD
added 2025/08/12 3:15 a.m.9 views

CVE-2025-4390

The WP Private Content Plus plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the 'validaterestrictions' function. This makes it possible for unauthenticated attackers to extract sensitive data including the content of resticted...

5.3CVSS0.00329EPSS
Exploits0References3
OSV
OSV
added 2025/08/12 3:15 a.m.12 views

UBUNTU-CVE-2025-4390

The WP Private Content Plus plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the 'validaterestrictions' function. This makes it possible for unauthenticated attackers to extract sensitive data including the content of resticted...

5.3CVSS5.8AI score0.00329EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/12 2:24 a.m.5 views

CVE-2025-4390 WP Private Content Plus <= 3.6.2 - Unauthenticated Sensitive Information Exposure

The WP Private Content Plus plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the 'validaterestrictions' function. This makes it possible for unauthenticated attackers to extract sensitive data including the content of resticted...

5.3CVSS6.9AI score0.00329EPSS
Exploits0References3
NVD
NVD
added 2014/07/03 2:55 p.m.28 views

CVE-2014-4717

Multiple cross-site request forgery CSRF vulnerabilities in the Simple Share Buttons Adder plugin before 4.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 ssbasharetext parameter in a save...

6.8CVSS6.6AI score0.02805EPSS
Exploits1References4
Cvelist
Cvelist
added 2014/07/03 2:0 p.m.36 views

CVE-2014-4717

Multiple cross-site request forgery CSRF vulnerabilities in the Simple Share Buttons Adder plugin before 4.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 ssbasharetext parameter in a save...

6.6AI score0.02805EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2004/09/01 4:0 a.m.17 views

CVE-2002-1388

Cross-site scripting XSS vulnerability in MHonArc before 2.5.14 allows remote attackers to inject arbitrary HTML into web archive pages via HTML mail messages...

4.3CVSS5.7AI score0.01235EPSS
Exploits0
OSV
OSV
added 2003/01/02 5:0 a.m.3 views

CVE-2002-1388

Cross-site scripting XSS vulnerability in MHonArc before 2.5.14 allows remote attackers to inject arbitrary HTML into web archive pages via HTML mail messages...

5.6AI score
Exploits0References5
Rows per page
Query Builder