Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5078 matches found

CVE
CVEadded 2022/11/21 12:0 a.m.57 views

CVE-2022-44830

Summary: CVE-2022-44830 affects Sourcecodester Event Registration App v1.0. The vulnerability is a set of CSV injection flaws in the First Name, Contact, and Remarks fields that can be exploited to execute arbitrary code via a crafted Excel file. The connected documents consistently describe thes...

7.8CVSS8AI score0.00558EPSS
Exploits1References1Affected Software1
OSV
OSVadded 2022/11/18 6:50 p.m.12 views

GHSA-HC82-W9V8-83PR Witness Block Parsing DoS Vulnerability

Impact All lnd nodes before version v0.15.4 are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments and forward HTLCs, and close out channels. Opening channels is prohibited, and also on...

8.2CVSS7AI score0.00999EPSS
Exploits1References6
OSV
OSVadded 2022/11/17 11:15 p.m.2 views

CVE-2022-41791

Auth. subscriber+ CSV Injection vulnerability in ProfileGrid plugin = 5.1.6 on WordPress...

8.8CVSS5.8AI score0.00646EPSS
Exploits0References1
NVD
NVDadded 2022/11/17 10:15 p.m.14 views

CVE-2022-39389

Lightning Network Daemon lnd is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version v0.15.4 are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments a...

8.2CVSS0.00999EPSS
Exploits1References4
Prion
Prionadded 2022/11/17 10:15 p.m.16 views

Design/Logic Flaw

Lightning Network Daemon lnd is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version v0.15.4 are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments a...

6.4CVSS6.3AI score0.00999EPSS
Exploits1References4Affected Software2
Vulnrichment
Vulnrichmentadded 2022/11/17 10:8 p.m.6 views

CVE-2022-41791 WordPress ProfileGrid plugin <= 5.1.6 - Auth. CSV Injection vulnerability

Auth. subscriber+ CSV Injection vulnerability in ProfileGrid plugin = 5.1.6 on WordPress...

6.5CVSS7.2AI score0.00646EPSS
Exploits0References1
CVE
CVEadded 2022/11/17 10:8 p.m.68 views

CVE-2022-41791

The CVE-2022-41791 entry concerns an authenticated CSV Injection vulnerability in the WordPress ProfileGrid plugin, affecting versions up to 5.1.6. The vulnerability is tied to ProfileGrid’s handling of CSV uploads/exports, with an impact that, per connected reports, can enable change-authorizati...

8.8CVSS7.7AI score0.00646EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2022/11/17 10:8 p.m.22 views

CVE-2022-41791 WordPress ProfileGrid plugin <= 5.1.6 - Auth. CSV Injection vulnerability

Auth. subscriber+ CSV Injection vulnerability in ProfileGrid plugin = 5.1.6 on WordPress...

6.8CVSS9AI score0.00646EPSS
Exploits0References1
CNNVD
CNNVDadded 2022/11/17 12:0 a.m.3 views

WordPress plugin ProfileGrid 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A CSV injection vulnerabili...

8.8CVSS7.2AI score0.00646EPSS
Exploits0References2
Patchstack
Patchstackadded 2022/11/17 12:0 a.m.18 views

WordPress ProfileGrid plugin <= 5.1.6 - Auth. CSV Injection vulnerability

Auth. CSV Injection vulnerability discovered by Mika Patchstack Alliance in the WordPress ProfileGrid plugin versions = 5.1.6. Solution Update the WordPress ProfileGrid plugin to the latest available version at least 5.1.8...

8.8CVSS3.8AI score0.00646EPSS
Exploits0Affected Software1
Cvelist
Cvelistadded 2022/11/17 12:0 a.m.39 views

CVE-2022-39389 Witness Block Parsing DoS Vulnerability in lnd

Lightning Network Daemon lnd is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version v0.15.4 are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments a...

8.2CVSS8.3AI score0.00999EPSS
Exploits1References4
WPVulnDB
WPVulnDBadded 2022/11/17 12:0 a.m.14 views

Export Users With Meta <= 0.6.10 - Subscriber+ CSV Injection

The plugin does not validate data when output it back in a CSV file, which could lead to CSV injection...

2.3AI score
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/11/17 12:0 a.m.16 views

WordPress Export Users With Meta plugin <= 0.6.8 - Auth. CSV Injection vulnerability

Auth. CSV Injection vulnerability discovered by Mika Patchstack Alliance in the WordPress Export Users With Meta plugin versions = 0.6.8. Solution No patched version is available. This plugin has been closed as of November 14, 2022 and is not available for download. This closure is temporary,...

3.8AI score
Exploits0Affected Software1
Patchstack
Patchstackadded 2022/11/15 12:0 a.m.216 views

WordPress WPForms Pro premium plugin <= 1.7.6 - CSV Injection vulnerability

CSV Injection vulnerability discovered by Francesco Carlucci in WordPress WPForms Pro premium plugin versions = 1.7.6. Solution Update the WordPress WPForms Pro plugin to the latest available version at least 1.7.7...

9.8CVSS3.2AI score0.01318EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2022/11/14 3:15 p.m.30 views

CVE-2022-3574

The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the exported CSV, which could lead to CSV injection...

9.8CVSS0.01318EPSS
Exploits1References1
OSV
OSVadded 2022/11/14 3:15 p.m.5 views

CVE-2022-3574

The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the exported CSV, which could lead to CSV injection...

9.8CVSS5.8AI score0.01318EPSS
Exploits1References1
Prion
Prionadded 2022/11/14 3:15 p.m.35 views

Input validation

The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the exported CSV, which could lead to CSV injection...

7.5CVSS9.5AI score0.01318EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2022/11/14 12:0 a.m.104 views

CVE-2022-3574

CVE-2022-3574 concerns WPForms Pro for WordPress, where versions before 1.7.7 do not validate form data while generating exported CSVs, enabling potential CSV injection. The vulnerability affects the CSV export logic, with CVSS v3.1 metrics indicating high severity (CRITICAL) across confidentiali...

9.8CVSS9.7AI score0.01318EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2022/11/14 12:0 a.m.9 views

CVE-2022-3574 WPForms Pro < 1.7.7 - CSV Injection

The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the exported CSV, which could lead to CSV injection...

7.1AI score0.01318EPSS
Exploits1References1
Cvelist
Cvelistadded 2022/11/14 12:0 a.m.41 views

CVE-2022-3574 WPForms Pro < 1.7.7 - CSV Injection

The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the exported CSV, which could lead to CSV injection...

9.8AI score0.01318EPSS
Exploits1References1
Rows per page
Query Builder