Lucene search
+L

931 matches found

CNNVD
CNNVD
added 2022/09/06 12:0 a.m.22 views

WordPress plugin Beaver Builder – WordPress Page Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Beaver Builder - A...

6.4CVSS5.7AI score0.00457EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/09/06 12:0 a.m.6 views

WordPress plugin Beaver Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Beaver Builder - A...

6.4CVSS5.7AI score0.00457EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/09/06 12:0 a.m.4 views

WordPress plugin WP-UserOnline 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.5CVSS5.2AI score0.00988EPSS
Exploits1References9
CNNVD
CNNVD
added 2022/09/06 12:0 a.m.3 views

WordPress plugin Simple Banner 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

6.4CVSS5.7AI score0.00787EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2022/09/02 12:0 a.m.10 views

The vulnerability of the Kubernetes cluster deployment and management software Weave GitOps Enterprise, related to the lack of measures for cleaning input data, allows an attacker to execute XSS attacks.

The vulnerability of the Kubernetes Weave GitOps Enterprise deployment and cluster management software is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to carry out XSS attacks using a specially created link...

7.5CVSS5.9AI score0.00668EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/31 12:0 a.m.11 views

The susceptibility of the microprogramming software of the iSTAR Ultra controller, related to the failure to take measures for data cleaning at the management level, allows the attacker to elevate their privileges to the root level.

The vulnerability of the iSTAR Ultra controller’s microprogramming software is related to the failure to take measures to clean data at the control level. Exploiting this vulnerability can allow an attacker, operating remotely, to elevate their privileges to the root level...

10CVSS7.7AI score0.01949EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/31 12:0 a.m.10 views

The vulnerability of the Ping_addr function in D-Link DIR810LA1FW102B22 microprogrammed router software allows a hacker to execute arbitrary code. [source-iocs-preserved const=DIR810LA1_FW102B22]

The vulnerability of the Pingaddr function in D-Link DIR810LA1FW102B22 microprogrammed router software is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code. source-iocs-preserved const=DIR810LA1FW102B2...

5.5CVSS8.1AI score0.22961EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/08/30 12:0 a.m.5 views

PT-2022-4568 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.10 through 15.1.6 GitLab CE/EE versions 15.2 through 15.2.4 GitLab CE/EE versions 15.3 through 15.3.2 Description: A vulnerability in GitLab CE/EE allows an authenticated user to achieve remote code execution via the...

10CVSS9.4AI score0.86194EPSS
Exploits5References25
BDU FSTEC
BDU FSTEC
added 2022/08/26 12:0 a.m.8 views

The vulnerability of the mySCADA myPRO system for visualizing and controlling industrial processes, related to the lack of measures for cleaning input data, allows a intruder to execute arbitrary commands.

The vulnerability of the mySCADA myPRO industrial process visualization and control system is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS8AI score0.41466EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/24 12:0 a.m.10 views

The vulnerability of the Outbyte PC Repair program for cleaning temporary files and checking security settings is related to an uncontrolled search path element, allowing attackers to increase their privileges.

The vulnerability of Outbyte PC Repair’s file cleaning and security settings checking function is related to an uncontrolled search path element. Exploiting this vulnerability can allow attackers to enhance their privileges...

5.3CVSS7.2AI score0.00493EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2022/08/16 7:42 a.m.8 views

OPENSUSE-SU-2022:10091-1 Security update for canna

This update for canna fixes the following issues: - CVE-2022-21950: Move UNIX socket dir from /tmp to /run to avoid local attackers being able to place bogus directories in its stead. Use systemd-tmpfiles for cleaning old sockets boo1199280...

5.3CVSS5.2AI score0.00142EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/08/15 12:0 a.m.4 views

WordPress plugin Contact Form DB 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.1CVSS5.8AI score0.0051EPSS
Exploits2References2
CNNVD
CNNVD
added 2022/08/13 12:0 a.m.6 views

HCL Leap 安全漏洞

HCL Leap is a low-code development platform from HCL India. HCL Leap suffers from a security vulnerability that stems from improper cleaning of SVG files, leading to client-side script injection in deployed applications...

5.4CVSS5.6AI score0.00198EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/08/12 12:0 a.m.8 views

Vulnerabilities of microprogramming software for Siemens STEP 7 programmable logic controllers, systems for manufacturing process control such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT Production Suite, the system diagnostic tool SIMOCODE ES, the software for parameterizing, diagnosing, and documenting device startup data (SIRIUS Soft Starter ES), technological process control systems like SIMATIC PCS neo, the Opcenter RD&L software platform, and the software for analyzing equipment efficiency and key indicators SIMATIC IT LMS. These vulnerabilities may allow a intruder to trigger malfunctions during maintenance operations due to improper cleaning or resource release.

The vulnerabilities of the microprogramming software for Siemens STEP 7 programmable logic controllers, the systems for managing production processes such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT...

6.5CVSS7.3AI score0.02484EPSS
Exploits0References2Affected Software7
BDU FSTEC
BDU FSTEC
added 2022/08/10 12:0 a.m.10 views

The vulnerability of the implementation of automatic login for mobile devices in the virtual training environment Moodle allows a hacker to carry out a phishing attack and expose the protected information.

The vulnerability of the automatic login function in the Moodle virtual training system for mobile devices is related to improper cleaning of user data. Exploiting this vulnerability allows a malicious actor to carry out a phishing attack and disclose sensitive information through a specially...

5CVSS6AI score0.00889EPSS
Exploits0References9Affected Software3
Openbugbounty
Openbugbounty
added 2022/08/08 5:57 a.m.10 views

cleanestcleaningaustralia.com.au Cross Site Scripting vulnerability OBB-2829912

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/08/04 12:0 a.m.9 views

The vulnerability of the SAP Business One resource management system allows a perpetrator to execute arbitrary codes.

The vulnerability of the SAP Business One resource management system is related to insufficient cleaning of special elements in the output data used by the incoming component. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9CVSS8AI score0.0093EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2022/08/01 12:0 a.m.7 views

WordPress plugin Popup 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

4.8CVSS4.9AI score0.00511EPSS
Exploits2References2
CNNVD
CNNVD
added 2022/08/01 12:0 a.m.8 views

WordPress plugin Flexi Quote Rotator 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

4.8CVSS4.9AI score0.00511EPSS
Exploits2References2
CNNVD
CNNVD
added 2022/08/01 12:0 a.m.3 views

WordPress plugin Invitation Based Registrations 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

4.8CVSS4.9AI score0.00511EPSS
Exploits2References2
Rows per page
Query Builder