CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-11261

Malware in sbrugna...

7.2CVSS6.9AI score0.00567EPSS

Exploits2References3

Prion•added 2023/10/12 6:15 a.m.•15 views

Cross site request forgery (csrf)

The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the delete functionality. This makes it possible for unauthenticated attackers to delete image...

4.3CVSS4.5AI score0.00069EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2023/07/06 12:0 a.m.•2 views

PT-2023-19033 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: An OS command injection issue exists in the ys thirdparty user delete functionality. A specially crafted network packet can lead to command execution. An attacker can send a sequence of requests t...

7.2CVSS7.8AI score0.00288EPSS

Exploits1References3

Huntr•added 2021/11/08 7:29 p.m.•16 views

Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2

Description cross site request forgery vulnerability is present in delete functionality of doctor feature. Proof of Concept history.pushState'', '', '/' document.forms0.submit; Impact This vulnerability is capable of delete the existing logs...

4.3CVSS2.1AI score0.00089EPSS

Exploits1References1