Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/05/28 2:14 p.m.8 views

CVE-2026-33552

Northern.tech Mender Enterprise Server before 4.1.1 has Incorrect Access Control...

3.7CVSS5.8AI score0.00251EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 12:0 a.m.8 views

CVE-2026-33552

Northern.tech Mender Enterprise Server before 4.1.1 has Incorrect Access Control...

5.8AI score0.00251EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.7 views

Text Generation Web UI 路径遍历漏洞

Text Generation Web UI is a local AI UI interface developed by oobabooga’s individual developer. Versions of Text Generation Web UI prior to 4.1.1 contained a path traversal vulnerability. This vulnerability stems from allowing extended settings to be saved in the py format, which can overwrite...

9.1CVSS6AI score0.00438EPSS
Exploits1References2
NVD
NVD
added 2026/04/02 3:16 p.m.4 views

CVE-2026-34973

phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the searchCustomPages method in phpmyfaq/src/phpMyFAQ/Search.php uses realescapestring via escape to sanitize the search term before embedding it in LIKE clauses. However, realescapestring does not escape SQL LIKE...

6.9CVSS0.00336EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/25 3:7 a.m.25 views

CVE-2026-27746 SPIP jeux < 4.1.1 Reflected XSS via index Parameters

The SPIP jeux plugin versions prior to 4.1.1 contain a reflected cross-site scripting XSS vulnerability in the prepropre pipeline. The plugin incorporates untrusted request parameters into HTML output without proper output encoding, allowing attackers to inject arbitrary script content into pages...

6.1CVSS0.00201EPSS
Exploits0References5
CVE
CVE
added 2026/01/27 3:55 p.m.15 views

CVE-2026-24875

CVE-2026-24875 concerns yoyofr modizer prior to 4.1.1, with an Integer Overflow or Wraparound vulnerability in the modizer component. The issue is described as affecting modizer before 4.1.1, with a CVSS v3.1 base score of 7.8 (HIGH) and impact to Confidentiality, Integrity, and Availability (all...

7.8CVSS5.9AI score0.00118EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.9 views

PT-2026-4964

Integer Overflow or Wraparound vulnerability in yoyofr modizer.This issue affects modizer: before 4.1.1...

7.8CVSS5.9AI score0.00118EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/12 12:0 a.m.36 views

RHEL 8 : nodejs:14 (RHSA-2023:1742)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1742 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.7AI score0.24928EPSS
Exploits11References36
CNNVD
CNNVD
added 2022/05/17 12:0 a.m.8 views

Smarty 代码注入漏洞

Smarty is a PHP-based template engine that helps to separate the representation HTML/CSS from the application logic. A code injection vulnerability exists in Smarty versions 3.1.x prior to 3.1.45 and 4.1.x prior to 4.1.1, which can be exploited by a remote attacker to send a specially crafted...

8.8CVSS7.2AI score0.0454EPSS
Exploits1References15
CNNVD
CNNVD
added 2022/03/28 12:0 a.m.5 views

WordPress plugin Popup Builder SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. A SQL injection vulnerability exists in...

9.8CVSS6.2AI score0.4408EPSS
Exploits2References3
CNNVD
CNNVD
added 2021/10/07 12:0 a.m.6 views

Zammad 命令注入漏洞

Zammad is a web-based open source help desk/customer support system. a command injection vulnerability exists in versions of Zammad prior to 4.1.1. An attacker could exploit the vulnerability to inject commands via custom packages...

9.8CVSS8.5AI score0.01887EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/10/07 12:0 a.m.3 views

Zammad 安全漏洞

Zammad is a Web-based open source help desk/customer support system. remote code execution vulnerability exists in versions of Zammad prior to 4.1.1. An attacker could exploit the vulnerability by sending a specially crafted request to Zammad to execute code on the server...

7.2CVSS8.1AI score0.01257EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/10/07 12:0 a.m.3 views

Zammad 代码问题漏洞

Zammad is an open source web-based help desk/customer support system. a remote code execution vulnerability exists in the Form functionality of Zammad versions prior to 4.1.1. The vulnerability stems from improper handling of deserialization. An attacker could exploit the vulnerability to execute...

9.8CVSS9.3AI score0.02255EPSS
Exploits0References2
Rows per page
Query Builder