Lucene search
K

2352 matches found

CNNVD
CNNVD
added 2025/01/24 12:0 a.m.4 views

WordPress plugin Bootstrap Ultimate 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

9.8CVSS8.4AI score0.01257EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/24 12:0 a.m.8 views

PT-2025-2212 · WordPress · Bootstrap Ultimate

Name of the Vulnerable Software and Affected Versions: Bootstrap Ultimate theme for WordPress versions up to and including 1.4.9 Description: The issue allows unauthenticated attackers to include PHP files on the server via the path parameter, enabling the execution of any PHP code in those files...

9.8CVSS8AI score0.01257EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2025/01/23 5:51 p.m.23 views

Envoy Admin Interface Exposed through prometheus metrics endpoint

Impact A user with access to a Kubernetes cluster where Envoy Gateway is installed can use a path traversal attack to execute Envoy Admin interface commands on proxies managed by Envoy Gateway. The admin interface can be used to terminate the Envoy process and extract the Envoy configuration...

7.1CVSS7.2AI score0.00413EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2025/01/23 3:20 a.m.368 views

CVE-2025-24030

CVE-2025-24030 affects Envoy Gateway prior to version 1.2.6. A user with Kubernetes cluster access can perform a path traversal attack against the Envoy Admin interface to terminate the Envoy process and exfiltrate the proxy configuration (potentially containing confidential data). The issue is f...

7.1CVSS7.2AI score0.00413EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/01/23 3:20 a.m.25 views

CVE-2025-24030 Envoy Admin Interface Exposed through prometheus metrics endpoint

Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. A user with access to the Kubernetes cluster can use a path traversal attack to execute Envoy Admin interface commands on proxies managed by any version of Envoy Gateway prior...

7.1CVSS0.00413EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/01/23 3:20 a.m.9 views

CVE-2025-24030 Envoy Admin Interface Exposed through prometheus metrics endpoint

Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. A user with access to the Kubernetes cluster can use a path traversal attack to execute Envoy Admin interface commands on proxies managed by any version of Envoy Gateway prior...

7.1CVSS7.2AI score0.00413EPSS
Exploits0References4
OSV
OSV
added 2025/01/23 3:20 a.m.8 views

CVE-2025-24030 Envoy Admin Interface Exposed through prometheus metrics endpoint

Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. A user with access to the Kubernetes cluster can use a path traversal attack to execute Envoy Admin interface commands on proxies managed by any version of Envoy Gateway prior...

7.1CVSS6.9AI score0.00413EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/01/23 12:0 a.m.5 views

PT-2025-5269

Name of the Vulnerable Software and Affected Versions: Envoy Gateway versions prior to 1.2.6 Description: A user with access to the Kubernetes cluster can use a path traversal attack to execute Envoy Admin interface commands on proxies managed by Envoy Gateway. The admin interface can be used to...

8.9CVSS7.9AI score0.0104EPSS
Exploits2References96
Patchstack
Patchstack
added 2025/01/22 12:0 a.m.4 views

Drupal Flattern – Multipurpose Bootstrap Business Profile module * - Authenticated Other Vulnerability Type vulnerability

Authenticated Other Vulnerability Type vulnerability discovered by Drupal Security Site in WordPress Module Flattern – Multipurpose Bootstrap Business Profile versions...

6.6CVSS6.8AI score0.00459EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/01/15 4:15 p.m.11 views

CVE-2025-22743

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mohsin Rasool Twitter Bootstrap Collapse aka Accordian Shortcode twitter-bootstrap-collapse-aka-accordian-shortcode allows DOM-Based XSS.This issue affects Twitter Bootstrap Collapse aka Accordian...

6.5CVSS0.00269EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/15 3:23 p.m.6 views

CVE-2025-22743 WordPress Twitter Bootstrap Collapse aka Accordian Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mohsin Rasool Twitter Bootstrap Collapse aka Accordian Shortcode allows DOM-Based XSS.This issue affects Twitter Bootstrap Collapse aka Accordian Shortcode: from n/a through 1.0...

6.5CVSS7AI score0.00269EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/15 3:23 p.m.22 views

CVE-2025-22743 WordPress Twitter Bootstrap Collapse aka Accordian Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mohsin Rasool Twitter Bootstrap Collapse aka Accordian Shortcode twitter-bootstrap-collapse-aka-accordian-shortcode allows DOM-Based XSS.This issue affects Twitter Bootstrap Collapse aka Accordian...

6.5CVSS0.00269EPSS
Exploits0References1
CVE
CVE
added 2025/01/15 3:23 p.m.51 views

CVE-2025-22743

CVE-2025-22743: DOM-Based XSS in Twitter Bootstrap Collapse (Accordion Shortcode). Improper input handling in Twitter Bootstrap Collapse/Accordion Shortcode allows cross-site scripting. Affected: Twitter Bootstrap Collapse aka Accordion Shortcode from n/a to 1.0. Published 2025-01-14. Connected d...

6.5CVSS7.2AI score0.00269EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.3 views

WordPress plugin Twitter Bootstrap Collapse aka Accordian Shortcode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Twitter Bootstrap Collapse aka Accordian...

6.5CVSS7.6AI score0.00269EPSS
Exploits0References2
Chainguard
Chainguard
added 2025/01/14 7:46 p.m.10 views

GHSA-GJF6-3W4P-7XFH vulnerabilities

Vulnerabilities for packages: dotnet-bootstrap...

7.3AI score
Exploits0
Wolfi
Wolfi
added 2025/01/14 7:46 p.m.4 views

GHSA-GJF6-3W4P-7XFH vulnerabilities

Vulnerabilities for packages: dotnet-bootstrap...

7.5AI score
Exploits0
Chainguard
Chainguard
added 2025/01/14 7:44 p.m.5 views

GHSA-JJCV-WR2G-4RV4 vulnerabilities

Vulnerabilities for packages: dotnet-bootstrap...

7.3AI score
Exploits0
Wolfi
Wolfi
added 2025/01/14 7:44 p.m.3 views

GHSA-JJCV-WR2G-4RV4 vulnerabilities

Vulnerabilities for packages: dotnet-bootstrap...

7.5AI score
Exploits0
Chainguard
Chainguard
added 2025/01/14 7:43 p.m.6 views

GHSA-P54P-P3QM-8VGJ vulnerabilities

Vulnerabilities for packages: dotnet-bootstrap...

7.3AI score
Exploits0
Wolfi
Wolfi
added 2025/01/14 7:43 p.m.21 views

GHSA-P54P-P3QM-8VGJ vulnerabilities

Vulnerabilities for packages: dotnet-bootstrap...

7.5AI score
Exploits0
Rows per page
Query Builder