Lucene search
+L

5 matches found

cve
cve
added 2026/06/27 6:50 a.m.16 views

CVE-2026-11783

The CVE concerns the Dokan: AI Powered WooCommerce Multivendor Marketplace Solution for WordPress. A Stored XSS flaw exists in all versions up to 5.0.4 due to insufficient input sanitization and output escaping of the Product SKU, enabling an authenticated attacker with custom-level access or hig...

6.4CVSS5.8AI score0.0022EPSS
Exploits0References8
osv
osv
added 2022/11/03 8:15 p.m.4 views

CVE-2022-42749

CandidATS version 3.0.0 on 'page' of the 'ajax.php' resource, allows an external attacker to steal the cookie of arbitrary users. This is possible because the application application does not properly validate user input against XSS attacks...

6.1CVSS5.9AI score0.01071EPSS
Exploits1References2
osv
osv
added 2021/12/21 12:15 p.m.5 views

CVE-2021-45252

Multiple SQL injection vulnerabilities are found on Simple Forum-Discussion System 1.0 For example on three applications which are managetopic.php, manageuser.php, and ajax.php. The attacker can be retrieving all information from the database of this system by using this vulnerability...

9.8CVSS5.8AI score0.01239EPSS
Exploits1References1
attackerkb
attackerkb
added 2021/01/26 11:15 p.m.5 views

CVE-2021-3317

KLog Server through 2.4.1 allows authenticated command injection. async.php calls shellexec on the original value of the source parameter...

8.8CVSS7.3AI score0.41394EPSS
Exploits3References3
cnnvd
cnnvd
added 2021/01/26 12:0 a.m.7 views

KLog Command Injection Vulnerability

KLog is ZhaoKaiQiang KLog individual developers of a logging tool for Android development . The tool's main functions are to print line numbers, function calls, Json parsing, XML parsing, click to jump, Log information saved and other functions. A command injection vulnerability exists in KLog...

8.8CVSS7.3AI score0.41394EPSS
Exploits3References5
Rows per page
Query Builder