Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2025/11/08 1:29 a.m.4 views

CVE-2025-64496 Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Versions 0.6.224 and prior contain a code injection vulnerability in the Direct Connections feature that allows malicious external model servers to execute arbitrary JavaScript in victim browsers vi...

7.3CVSS8.1AI score0.07874EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 10:31 a.m.10 views

CVE-2024-44682

ShopXO 6.2 is vulnerable to Cross Site Scripting XSS in the backend that allows attackers to execute code by changing POST parameters...

6.1CVSS6.3AI score0.00324EPSS
Exploits0
Cvelist
Cvelist
added 2021/05/24 10:33 p.m.28 views

CVE-2021-33561

A stored cross-site scripting XSS vulnerability in Shopizer before 2.17.0 allows remote attackers to inject arbitrary web script or HTML via customername in various forms of store administration. It is saved in the database. The code is executed for any user of store administration when informati...

5.2AI score0.0285EPSS
Exploits2References3
CNVD
CNVD
added 2019/09/07 12:0 a.m.2 views

Code Execution Vulnerability in SongCMS Backend

SongCMS is a PHP MySQL, ASP Access/SQL Server based development , enterprise-oriented , multi-language support , free , open source CMS, to help business users to quickly build and deploy enterprise-level portal . SongCMS backend code execution vulnerabilities , attackers use the vulnerability to...

7.7AI score
Exploits0
Rows per page
Query Builder