Lucene search
+L

262 matches found

CVE
CVE
added 2025/08/08 6:12 p.m.19 views

CVE-2012-10042

CVE-2012-10042 affects Sflog! CMS 1.0 via an authenticated file-upload vulnerability in the blog management interface (manage.php). With default credentials (admin:secret), authenticated users can upload files to blogs/download/uploads/, where the upload validation is insufficient, enabling a PHP...

8.7CVSS7.4AI score0.00971EPSS
Exploits0References4
OSV
OSV
added 2025/08/08 4:15 p.m.6 views

CVE-2025-4576

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.133, and Liferay DXP 2025.Q1.0 through 2025.Q1.4 ,2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, 7.4 GA through update 92 allows an...

6.1CVSS5.9AI score0.00588EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/08 3:42 p.m.3 views

CVE-2025-4576

A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.133, and Liferay DXP 2025.Q1.0 through 2025.Q1.4 ,2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, 7.4 GA through update 92 allows an...

6.9CVSS5.4AI score0.00588EPSS
Exploits0References1
CVE
CVE
added 2025/08/08 3:42 p.m.34 views

CVE-2025-4576

CVE-2025-4576 describes a reflected XSS in Liferay Portal 7.4.0–7.4.3.133 and Liferay DXP versions listed (various 2024/Qx and 2025/Q1 ranges, up to 7.4 GA with update 92). The vulnerability allows a remote, non-authenticated attacker to inject JavaScript into the page at modules/apps/blogs/blogs...

6.9CVSS5.4AI score0.00588EPSS
Exploits0References1Affected Software2
Positive Technologies
Positive Technologies
added 2025/08/08 12:0 a.m.5 views

PT-2025-32363

Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.4.0 through 7.4.3.133 Liferay DXP versions 2025.Q1.0 through 2025.Q1.4 Liferay DXP versions 2024.Q4.0 through 2024.Q4.7 Liferay DXP versions 2024.Q3.1 through 2024.Q3.13 Liferay DXP versions 2024.Q2.0 through 2024.Q2....

6.9CVSS5.8AI score0.00588EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.14 views

Liferay Portal 7.4.0.x <= 7.4.3.132 Multiple Vulnerabilities

The version of Liferay Portal installed on the remote host is 7.4.x = 7.4.3.132. It is, therefore, affected by multiple vulnerabilities: - A reflected cross-site scripting XSS vulnerability in the Liferay Portal allows an remote non-authenticated attacker to inject JavaScript into the...

9.1CVSS5.5AI score0.00588EPSS
Exploits1References23
Gitee
Gitee
added 2025/07/27 4:2 a.m.211 views

Exploit for CVE-2014-7911

Security-Data-Analysis-and-Visualization 2018-2020青年安全圈-活跃技术博主/博客 声明 所有数据均来自且仅来自公开信息,未加入个人先验知识,如有疑义,请及时联系[email protected]。 公开这批数据是为了大家一起更快更好地学习,请不要滥用这批数据,由此引发的问题,本人将概不负责。 对这批数据的分析文章首发在个人微信公众号,原文为:我分析了2018-2020年青年安全圈450个活跃技术博客和博主,转载请联系作者。 Why - 最初目的:个人日常安全阅读资源不足,需要从博客、Github、Twitter等多个数据源补充。 -...

9.8CVSS9AI score0.99964EPSS
Exploits75
RedhatCVE
RedhatCVE
added 2025/05/22 8:9 p.m.6 views

CVE-2021-38267

Cross-site scripting XSS vulnerability in the Blogs module's edit blog entry page in Liferay Portal 7.3.2 through 7.3.6, and Liferay DXP 7.3 before fix pack 2 allows remote attackers to inject arbitrary web script or HTML via the comliferayblogswebportletBlogsAdminPortlettitle and...

5.4CVSS5.9AI score0.00573EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:54 a.m.10 views

CVE-2012-6104

blog/rsslib.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 allows remote attackers to obtain sensitive information from site-level blogs by leveraging the guest role and reading an RSS feed...

5CVSS6.5AI score0.014EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:11 a.m.7 views

CVE-2010-1082

Multiple directory traversal vulnerabilities in OI.Blogs 1.0.0, when magicquotesgpc is disabled, allow remote attackers to read arbitrary files via directory traversal sequences in the 1 theme parameter to loadStyles.php and the 2 scripts parameter to javascript/loadScripts.php. NOTE: the...

4.3CVSS7.1AI score0.0136EPSS
Exploits0References1
Circl
Circl
added 2025/04/08 4:14 p.m.13 views

CVE-2025-27751

creationtimestamp| type| source ---|---|--- 2025-04-08 16:14:25+00:00| seen| https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review 2025-04-09 07:18:23+00:00| seen| https://poliverso.org/objects/0477a01e-45bed739-4cf70d274d3babdb 2025-06-16 21:02:26+00:00| seen|...

7.8CVSS7.6AI score0.0211EPSS
Exploits4References3
Circl
Circl
added 2025/02/04 6:57 p.m.6 views

CVE-2025-0451

creationtimestamp| type| source ---|---|--- 2025-02-04 18:57:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113947144092757130 2025-02-04 19:05:24+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113947176087524263 2025-02-04 19:15:53+00:00| seen|...

6.3CVSS6.9AI score0.0032EPSS
Exploits0References8
Spring Security Advisories
Spring Security Advisories
added 2024/12/12 12:0 a.m.13 views

A Bootiful Podcast: the amazing K. Siva Prasad Reddy (SivaLabs)

Hi, Spring fans! In today's installment I talk to industry legend K. Siva Prasad Reddy @sivalabs. You've probably read one of his blogs. I know I have!...

7.1AI score
Exploits0
Circl
Circl
added 2024/11/12 5:55 p.m.30 views

CVE-2024-38203

creationtimestamp| type| source ---|---|--- 2024-11-12 17:55:50+00:00| seen| https://infosec.exchange/users/cve/statuses/113471268438576919 2024-11-12 18:26:35+00:00| seen| https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review...

6.2CVSS6.7AI score0.00677EPSS
Exploits0References2
Circl
Circl
added 2024/09/10 5:25 p.m.11 views

CVE-2024-38217

creationtimestamp| type| source ---|---|--- 2024-09-10 17:25:32+00:00| seen| https://www.thezdi.com/blog/2024/9/10/the-september-2024-security-update-review 2024-09-11 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1368 2024-09-11 09:47:58+00:00| exploited|...

5.4CVSS6.3AI score0.09756EPSS
Exploits1References18
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.297 views

Squid Proxy Range Header Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Squid Proxy Range Header DoS', 'Description' = %q The range handler in The Squid Caching Proxy Server 3.0-4.1.4 and 5.0.1-5.0.5 suffers from...

6.5CVSS7AI score0.95785EPSS
Exploits2
Openbugbounty
Openbugbounty
added 2024/08/19 1:10 p.m.9 views

blogs.nalsar.ac.in Improper Access Control vulnerability OBB-3959112

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Circl
Circl
added 2024/04/18 4:45 p.m.16 views

CVE-2022-38037

creationtimestamp| type| source ---|---|--- 2024-04-18 16:45:00+00:00| seen| https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html 2024-12-19 18:03:00+00:00| seen| https://googleprojectzero.blogspot.com/2024/12/the-windows-registry-adventure-5-regf.html 2025-05-23...

7.8CVSS7.6AI score0.0091EPSS
Exploits0References4
Circl
Circl
added 2024/04/09 9:41 p.m.19 views

CVE-2024-29988

creationtimestamp| type| source ---|---|--- 2024-04-09 21:41:41+00:00| exploited| https://t.me/ctinow/214562 2024-04-10 00:21:48+00:00| exploited| https://t.me/ctinow/214580 2024-04-10 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1267 2024-04-10 09:11:17+00:00| seen|...

8.8CVSS7.5AI score0.45151EPSS
Exploits1References13
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.15 views

编号撤回

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. wordPress plugin is an application plugin. This CVE number has been...

5.4CVSS8.4AI score0.00403EPSS
Exploits2References5
Rows per page
Query Builder