Lucene search
K

9 matches found

OSV
OSV
added 2026/03/31 3:16 p.m.3 views

UBUNTU-CVE-2026-33276

Stored cross-site scripting XSS in Checkmk 2.5.0 beta before 2.5.0b2 allows authenticated users with permission to create hosts or services to execute arbitrary JavaScript in the browsers of other users performing searches in the Unified Search feature...

8.6CVSS5.9AI score0.00144EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/31 1:44 p.m.2 views

CVE-2026-33276 XSS in Unified Search via Unescaped Host/Service Names

Stored cross-site scripting XSS in Checkmk 2.5.0 beta before 2.5.0b2 allows authenticated users with permission to create hosts or services to execute arbitrary JavaScript in the browsers of other users performing searches in the Unified Search feature...

8.6CVSS6AI score0.00144EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-11494

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00515EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/04/18 2:22 a.m.13 views

CVE-2025-29708

SourceCodester Company Website CMS 1.0 contains a file upload vulnerability via the "Create Services" file /dashboard/Services...

9.8CVSS7.3AI score0.00515EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/04/16 12:0 a.m.28 views

CVE-2025-29708

SourceCodester Company Website CMS 1.0 contains a file upload vulnerability via the "Create Services" file /dashboard/Services...

0.00515EPSS
Exploits1References2
CVE
CVE
added 2025/04/16 12:0 a.m.56 views

CVE-2025-29708

CVE-2025-29708 affects SourceCodester Company Website CMS 1.0. The vulnerability is a file upload flaw in the Create Services endpoint (/dashboard/Services) that could allow arbitrary file uploads due to improper validation. CVSS v3.1 base score 9.8 (network access, no authentication, user intera...

9.8CVSS6.7AI score0.00515EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/16 12:0 a.m.4 views

PT-2025-16891 · Sourcecodester · Sourcecodester Company Website Cms

Name of the Vulnerable Software and Affected Versions: SourceCodester Company Website CMS version 1.0 Description: The issue concerns a file upload vulnerability via the "Create Services" file. This vulnerability can be exploited through the "/dashboard/Services" API endpoint. The Create Services...

9.8CVSS6.2AI score0.00515EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/04/16 12:0 a.m.7 views

CVE-2025-29708

SourceCodester Company Website CMS 1.0 contains a file upload vulnerability via the "Create Services" file /dashboard/Services...

9.6AI score0.00515EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/07/09 12:0 a.m.3 views

Easy!Appointments Security Vulnerability

Easy!Appointments is a web-based appointment and schedule management system. A security vulnerability exists in Easy!Appointments that stems from an insecure authorization issue in the /services interface. A low-privileged attacker can exploit the vulnerability to create services for any user on...

7.7CVSS6.8AI score0.00327EPSS
Exploits0References2
Rows per page
Query Builder