Lucene search
K

72 matches found

Hacker One
Hacker One
added 2026/04/06 2:47 p.m.14 views

Revive Adserver: Blind SQL injection via clientid parameter in zone‑include.php

Vulnerability description not provided...

8.3CVSS5.8AI score0.00298EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/01/14 9:53 a.m.13 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.8CVSS6.6AI score0.00236EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-6036

Malware in sbrugna...

5.4CVSS5.6AI score0.00532EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2005-2637

Malware in sbrugna...

7.5CVSS6.4AI score0.01211EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2019-0745

Malicious code in bioql PyPI...

9.8CVSS8.6AI score0.13836EPSS
Exploits0References27
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-28694

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00198EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-31562

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00221EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-26738

Malicious code in bioql PyPI...

10CVSS8.5AI score0.00563EPSS
Exploits0References1
NVD
NVD
added 2025/09/29 9:15 a.m.8 views

CVE-2025-10344

HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters 'name' and 'clientid' at the endpoint '/projects/project/x'...

6.1CVSS0.00221EPSS
Exploits0References1
OSV
OSV
added 2025/09/29 9:15 a.m.2 views

CVE-2025-10344

HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters 'name' and 'clientid' at the endpoint '/projects/project/x'...

6.1CVSS5.8AI score0.00221EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/29 8:41 a.m.4 views

CVE-2025-10344 HTML injection in Perfex CRM

HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters 'name' and 'clientid' at the endpoint '/projects/project/x'...

5.3CVSS6.7AI score0.00221EPSS
Exploits0References1
CVE
CVE
added 2025/09/29 8:41 a.m.17 views

CVE-2025-10344

CVE-2025-10344 describes a stored HTML-injection vulnerability in Perfex CRM v3.2.1. The issue arises from insufficient validation of user input in the API at the endpoint /projects/project/x, where HTML can be injected via the POST parameters named, clientid. The core impact is stored HTML injec...

6.1CVSS6.7AI score0.00221EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/29 12:0 a.m.5 views

PT-2025-39817

Name of the Vulnerable Software and Affected Versions Perfex CRM version 3.2.1 Description An HTML injection issue exists in Perfex CRM version 3.2.1. This is due to insufficient validation of user-supplied data. An attacker can inject HTML code by sending a POST request to the /projects/project/...

6.1CVSS7AI score0.00221EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/29 12:0 a.m.6 views

Perfex CRM 跨站脚本漏洞

Perfex CRM is a customer relationship management software from Perfex CRM open source. It is used to manage customers, projects and create invoices in the cloud. A cross-site scripting vulnerability exists in Perfex CRM version 3.2.1, which stems from insufficient validation of user input for the...

6.1CVSS6.1AI score0.00221EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in hw-clientid (npm)

The package hw-clientid was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-22814 Malicious code in hw-clientid (npm)

The package hw-clientid was found to contain malicious code...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2024-27029

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix mmhub client id out- of-bounds access Properly handle cid 0x140...

7.1CVSS5.8AI score0.00282EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/28 3:21 a.m.13 views

CVE-2025-5929

The The Countdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘clientId’ parameter in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...

6.4CVSS6AI score0.00198EPSS
Exploits0References1
OSV
OSV
added 2025/06/26 3:15 a.m.3 views

CVE-2025-5929

The The Countdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘clientId’ parameter in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...

5.4CVSS5.9AI score0.00198EPSS
Exploits0References3
CVE
CVE
added 2025/06/26 2:22 a.m.29 views

CVE-2025-5929

CVE-2025-5929 – The Countdown WordPress plugin is reported to have a Stored Cross-Site Scripting vulnerability via the clientId parameter in versions up to and including 2.0.1. The vulnerability requires authentication at Contributor level or higher, and could allow an attacker to inject scripts ...

6.4CVSS5.9AI score0.00198EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder