Lucene search

13 matches found

ATTACKERKB
added 2026/06/05 1:52 a.m. | 6 views

CVE-2026-50591

In Znuny LTS before 6.5.21 and Znuny before 7.3.3, XSS can occur via stored user preferences...

CVSS 5.4 | AI score 5.8 | EPSS 0.00133
Exploits: 0 | References: 2 | Affected Software: 1

RedhatCVE
added 2026/01/20 4:21 p.m. | 7 views

CVE-2025-11044

An Allocation of Resources Without Limits or Throttling vulnerability in the ANSL-Server component of B Automation Runtime versions prior to 6.5 and prior to R4.93 could be exploited by an unauthenticated attacker on the network to win a race condition, resulting in permanent denial-of-service D...

CVSS 8.9 | AI score 5.6 | EPSS 0.00313
Exploits: 0 | References: 1

Tenable Nessus
added 2025/11/11 12:0 a.m. | 3 views

Zoom Workplace < 6.5.10 Vulnerability (ZSB-25046)

The version of Zoom Workplace installed on the remote host is prior to 6.5.10. It is, therefore, affected by a vulnerability as referenced in the ZSB-25046 advisory. - Cross-site scripting in Zoom Workplace for Windows before version 6.5.10 may allow an unauthenticated user to impact integrity vi...

CVSS 6.1 | AI score 5.4 | EPSS 0.00169
Exploits: 0 | References: 2

RedhatCVE
added 2025/08/30 6:17 p.m. | 6 views

CVE-2025-57797

Incorrect privilege assignment vulnerability exists in ScanSnap Manager installers versions prior to V6.5L61. If this vulnerability is exploited, an authenticated local attacker may escalate privileges and execute an arbitrary command...

CVSS 8.5 | AI score 7.8 | EPSS 0.00122
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 8:42 a.m. | 5 views

CVE-2024-5284

The wp-affiliate-platform WordPress plugin before 6.5.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

CVSS 6.8 | AI score 5.8 | EPSS 0.00241
Exploits: 1 | References: 1

Cvelist
added 2025/05/14 2:18 p.m. | 14 views

CVE-2024-10864 SQL Injection vulnerability has been discovered in OpenText™ Advanced Authentication.

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in OpenText Advanced Authentication. This issue affects Advanced Authentication versions before 6.5...

CVSS 7.5 | EPSS 0.00257
Exploits: 0 | References: 1

OSV
added 2024/07/13 6:15 a.m. | 5 views

CVE-2024-5283

The wp-affiliate-platform WordPress plugin before 6.5.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVSS 6.1 | AI score 5.8 | EPSS 0.00368
Exploits: 1 | References: 1

OSV
added 2023/12/15 11:15 a.m. | 2 views

CVE-2023-48554

Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVSS 5.4 | AI score 5.8 | EPSS 0.00597
Exploits: 0 | References: 1

CNNVD
added 2023/11/17 12:0 a.m. | 5 views

Devellion CubeCart Security Breach

Devellion CubeCart is a free and open source e-commerce shopping cart software from the company of Devellion UK. The software supports selling products, adding/editing products or images in an online store, etc. A security vulnerability exists in Devellion CubeCart versions prior to 6.5.3, which...

CVSS 7.2 | AI score 7.2 | EPSS 0.00981
Exploits: 0 | References: 3

CNNVD
added 2022/11/02 12:0 a.m. | 4 views

Fortinet FortiSIEM Trust Management Issue Vulnerability

Fortinet FortiSIEM is a suite of security information and event management systems from the American company Fiat Fortinet. The system includes features such as asset discovery, workflow automation, and unified management. A trust management issue vulnerability exists in Fortinet FortiSIEM versio...

CVSS 7.8 | AI score 7.4 | EPSS 0.00195
Exploits: 0 | References: 2

OSV
added 2020/11/12 7:15 p.m. | 4 views

CVE-2020-12350

Improper access control in the Intel(R) XTU before version 6.5.1.360 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVSS 7.8 | AI score 7.1 | EPSS 0.00322
Exploits: 0 | References: 1

CNVD
added 2019/03/15 12:0 a.m. | 3 views

KinagaCMS Cross-Site Scripting Vulnerability

KinagaCMS is a PHP-based content management system (CMS). A cross-site scripting vulnerability exists in KinagaCMS versions prior to 6.5. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

CVSS 6.1 | AI score 6.1 | EPSS 0.0153
Exploits: 0 | References: 1

ATTACKERKB
added 2017/08/25 7:29 p.m. | 2 views

CVE-2017-9640

A Path Traversal issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web prior to 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An...

CVSS 6.5 | AI score 5.7 | EPSS 0.0845
Exploits: 5 | References: 4