Lucene search
K

6052 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:32 p.m.7 views

CVE-2020-35127

Ignite Realtime Openfire 4.6.0 has plugins/bookmarks/create-bookmark.jsp Stored XSS...

5.4CVSS6.7AI score0.00566EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:20 p.m.5 views

CVE-2020-23039

Folder Lock v3.4.5 was discovered to contain a stored cross-site scripting XSS vulnerability in the Create Folder function under the 'create' module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload as a path or folder name...

5.4CVSS5.9AI score0.00562EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 11:50 a.m.7 views

CVE-2016-10716

The Mail.ru Calendar plugin before 2.5.0.61 for Atlassian Jira has XSS via the Name field in a Create Calender action, related to a MailRuCalendar.jspaperiod/month URI...

5.4CVSS5.9AI score0.00753EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:43 a.m.8 views

CVE-2019-5955

CREATE SD official App for Android version 1.0.2 and earlier allows remote attackers to bypass access restriction to lead a user to access an arbitrary website via vulnerable application and conduct phishing attacks...

5.8CVSS7.4AI score0.01133EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:35 a.m.7 views

CVE-2019-14987

Adive Framework through 2.0.7 is affected by XSS in the Create New Table and Create New Navigation Link functions...

4.8CVSS6.1AI score0.00633EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:17 a.m.8 views

CVE-2013-3742

Cross-site scripting XSS vulnerability in viewcreate.php aka the Create View page in phpMyAdmin 4.x before 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via an invalid SQL CREATE VIEW statement with a crafted name that triggers an error message...

3.5CVSS5.8AI score0.01155EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:9 a.m.7 views

CVE-2018-17556

MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media Source action...

5.4CVSS5.6AI score0.00588EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:36 a.m.10 views

CVE-2018-20874

cPanel before 74.0.8 allows self XSS in the WHM "Create a New Account" interface SEC-428...

5.4CVSS6.1AI score0.00531EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:54 a.m.9 views

CVE-2017-8930

Multiple cross-site request forgery CSRF vulnerabilities in Simple Invoices 2013.1.beta.8 allow remote attackers to hijack the authentication of admins for requests that can 1 create new administrator user accounts and take over the entire application, 2 create regular user accounts, or 3 change...

8.8CVSS7.7AI score0.00718EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:28 a.m.7 views

CVE-2016-10715

The Artezio Kanban Board plugin 1.4 revision 1914 for Atlassian Jira has XSS via the Board Name in a Create New Board action, related to an artezioboard/mainPage.jspa?kanbanId=7/kanban-view URI...

5.4CVSS5.9AI score0.0058EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:46 a.m.13 views

CVE-2011-4453

The PageListSort function in scripts/pagelist.php in PmWiki 2.x before 2.2.35 allows remote attackers to execute arbitrary code via PHP sequences in a crafted order parameter in a pagelist directive, leading to unintended use of the PHP createfunction function...

7.5CVSS7.9AI score0.5341EPSS
Exploits12References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:33 a.m.6 views

CVE-2018-20919

cPanel before 70.0.23 allows stored XSS via a WHM Create Account action SEC-373...

6.1CVSS5.6AI score0.00647EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:46 a.m.6 views

CVE-2010-5315

Multiple cross-site request forgery CSRF vulnerabilities in BEdita before 3.1 allow remote attackers to hijack the authentication of administrators for requests that 1 create categories via a data array to news/saveCategories or 2 modify credentials via a data array to admin/saveUser...

6.8CVSS7.6AI score0.0106EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 7:26 p.m.8 views

CVE-2008-7046

AJ Square Free Polling Script AJPoll allows remote attackers to bypass authentication and create new polls via a direct request to admin/include/newpoll.php, a different vector than CVE-2008-7045. NOTE: the provenance of this information is unknown; the details are obtained solely from third part...

6.4CVSS7AI score0.02624EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:14 p.m.7 views

CVE-1999-0960

IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option...

7.2CVSS6.8AI score0.00706EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/21 4:38 a.m.2 views

Malicious code in create-qr-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 58919bf64984f8dcdd4ec2802325f47fd7ef1a21aa8f1cb4d9c64549054122bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/05/21 12:46 a.m.1 views

SUSE CVE-2025-37974

In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix missing check for zpcicreatedevice error return The zpcicreatedevice function returns an error pointer that needs to be checked before dereferencing it as a struct zpcidev pointer. Add the missing check in clpadd...

5.5CVSS7.6AI score0.00146EPSS
Exploits0References16
OSV
OSV
added 2025/05/20 5:15 p.m.2 views

DEBIAN-CVE-2025-37974

In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix missing check for zpcicreatedevice error return The zpcicreatedevice function returns an error pointer that needs to be checked before dereferencing it as a struct zpcidev pointer. Add the missing check in clpadd...

5.5CVSS5.6AI score0.00146EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/20 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unchecked zpcicreatedevice error return that could result in a null pointer dereference...

5.5CVSS7AI score0.00146EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2025/05/19 12:0 a.m.87 views

📄 Economizzer 0.9-beta1 Cross Site Scripting

Economizzer version 0.9-beta1 suffers from multiple persistent cross site scripting vulnerabilities. A persistent cross-site scripting XSS vulnerability exists in gugoan's Economizzer v.0.9-beta1 The application fails to properly sanitize user-supplied input when creating a new cash book entry vi...

6.8AI score
Exploits0
Rows per page
Query Builder