Lucene search
+L

8 matches found

cnnvd
cnnvd
added 2026/05/04 12:0 a.m.10 views

Evolver 安全漏洞

Evolver is an intelligent agent-based self-evolution tool developed by EvoMap. Versions of Evolver prior to 1.69.3 contained security vulnerabilities. These vulnerabilities were caused by a prototype contamination issue in the email storage module, which could allow attackers to modify the behavi...

5.2CVSS5.8AI score0.00109EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-27742

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00336EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-32972

Malicious code in bioql PyPI...

7.3CVSS6.3AI score0.01037EPSS
Exploits0References4
redhatcve
redhatcve
added 2025/05/23 7:16 a.m.11 views

CVE-2024-8628

The Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber – MailOptin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'post-meta' shortcode in all versions up to, and including, 1.2.70.3 due to insufficient input sanitization and output escaping o...

5.4CVSS5.8AI score0.00263EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 3:44 a.m.9 views

CVE-2023-30838

PrestaShop is an Open Source e-commerce web application. Prior to versions 8.0.4 and 1.7.8.9, the ValidateCore::isCleanHTML method of Prestashop misses hijackable events which can lead to cross-site scripting XSS injection, allowed by the presence of pre-setup @keyframes methods. This XSS, which...

9.9CVSS5.2AI score0.01037EPSS
Exploits2References1
nvd
nvd
added 2023/05/11 4:15 p.m.29 views

CVE-2023-29400

Templates containing actions in unquoted HTML attributes e.g. "attr=." executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags...

7.3CVSS8.7AI score0.01037EPSS
Exploits0References5
prion
prion
added 2023/05/11 4:15 p.m.27 views

Code injection

Templates containing actions in unquoted HTML attributes e.g. "attr=." executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags...

7.5CVSS8.4AI score0.01037EPSS
Exploits0References4Affected Software1
veracode
veracode
added 2021/02/05 4:28 a.m.17 views

Prototype Pollution

decal is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...

8.6CVSS3.4AI score0.0176EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder