Lucene search
K

133 matches found

OSV
OSV
added 2025/04/04 8:15 a.m.5 views

CVE-2025-3219

A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/project/2 of the component Project Discussions Module. The manipulation of the argument description leads to cross site scripting. It is...

5.4CVSS3.7AI score0.00348EPSS
Exploits1References4
NVD
NVD
added 2025/04/04 8:15 a.m.19 views

CVE-2025-3219

A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/project/2 of the component Project Discussions Module. The manipulation of the argument description leads to cross site scripting. It is...

5.4CVSS0.00348EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/04/04 7:31 a.m.13 views

CVE-2025-3219 CodeCanyon Perfex CRM Project Discussions Module 2 cross site scripting

A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/project/2 of the component Project Discussions Module. The manipulation of the argument description leads to cross site scripting. It is...

5.1CVSS6.4AI score0.00348EPSS
Exploits1References4
CVE
CVE
added 2025/04/04 7:31 a.m.63 views

CVE-2025-3219

The CVE-2025-3219 entry concerns CodeCanyon Perfex CRM 3.2.1. Affected is an unknown function in the file /perfex/clients/project/2 within the Project Discussions Module. The issue is a cross‑site scripting vulnerability triggered by manipulation of the argument description, with remote exploitat...

5.4CVSS6.4AI score0.00348EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/04 12:0 a.m.7 views

PT-2025-14865 · Unknown · Codecanyon Perfex Crm

Name of the Vulnerable Software and Affected Versions: CodeCanyon Perfex CRM version 3.2.1 Description: A vulnerability was found in CodeCanyon Perfex CRM. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/project/2 of the component Project...

5.1CVSS3.5AI score0.00348EPSS
Exploits1References10
Circl
Circl
added 2025/01/25 4:9 a.m.19 views

CVE-2024-55228

creationtimestamp| type| source ---|---|--- 2025-01-25 04:09:52+00:00| exploited| https://gist.github.com/Dqtdqt/a942bbce9a5fc851dce366902411c768 2025-01-27 16:36:35+00:00| seen| https://infosec.exchange/users/cve/statuses/113901292435622561 2025-01-27 17:16:06+00:00| seen|...

9CVSS5.7AI score0.00553EPSS
Exploits1References6
Circl
Circl
added 2025/01/14 5:29 p.m.18 views

CVE-2025-21210

creationtimestamp| type| source ---|---|--- 2025-01-14 17:29:48+00:00| seen| https://www.thezdi.com/blog/2025/1/14/the-january-2025-security-update-review 2025-01-14 18:17:15+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpud2edey2j 2025-01-14 18:41:01+00:00| seen|...

4.2CVSS7.5AI score0.01108EPSS
Exploits0References12
Circl
Circl
added 2025/01/08 6:7 p.m.3 views

CVE-2024-56778

creationtimestamp| type| source ---|---|--- 2025-01-08 18:07:37+00:00| seen| https://infosec.exchange/users/cve/statuses/113794066477382175 2025-01-08 18:16:00+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfarhbw3s52f 2025-01-08 18:21:31+00:00| seen|...

5.5CVSS6.6AI score0.00203EPSS
Exploits0References6
Circl
Circl
added 2024/12/27 4:32 a.m.21 views

CVE-2024-56521

creationtimestamp| type| source ---|---|--- 2024-12-27 04:32:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113722915496819427 2024-12-27 04:37:29+00:00| seen| https://infosec.exchange/users/cve/statuses/113722933165201992 2024-12-27 05:15:44+00:00| seen|...

9.8CVSS4.7AI score0.00748EPSS
Exploits0References6
Circl
Circl
added 2024/12/21 5:5 a.m.18 views

CVE-2024-12846

creationtimestamp| type| source ---|---|--- 2024-12-21 05:05:36+00:00| seen| https://infosec.exchange/users/cve/statuses/113689069906563464 2024-12-21 05:15:34+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lds5h6jcmv2z 2024-12-21 06:58:14+00:00| seen|...

6.9CVSS4.5AI score0.00398EPSS
Exploits1References3
Circl
Circl
added 2024/12/10 5:33 p.m.6 views

CVE-2024-43594

creationtimestamp| type| source ---|---|--- 2024-12-10 17:33:56+00:00| seen| https://www.thezdi.com/blog/2024/12/10/the-december-2024-security-update-review 2024-12-10 17:53:46+00:00| seen| https://infosec.exchange/users/cve/statuses/113629799580426668 2025-01-07 16:45:47+00:00| seen|...

7.3CVSS4.8AI score0.01662EPSS
Exploits0References4
Circl
Circl
added 2024/11/12 4:21 p.m.7 views

CVE-2024-8068

creationtimestamp| type| source ---|---|--- 2024-11-12 16:21:28+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113470897346004162 2024-11-12 19:44:07+00:00| seen| https://t.me/cvedetector/10675 2024-11-12 21:23:09+00:00| seen|...

8CVSS6.9AI score0.01399EPSS
Exploits0References24
NVD
NVD
added 2024/10/30 9:15 p.m.26 views

CVE-2024-48093

Unrestricted File Upload in the Discussions tab in Operately v.0.1.0 allows a privileged user to achieve Remote Code Execution via uploading and executing malicious files without validating file extensions or content types...

8CVSS0.00606EPSS
Exploits0References2
CVE
CVE
added 2024/10/30 12:0 a.m.50 views

CVE-2024-48093

CVE-2024-48093 affects Operately v0.1.0. The vulnerability is an unrestricted file upload in the Discussions tab that allows a privileged user to achieve Remote Code Execution by uploading and executing malicious files without validating file extensions or content types. Public sources in the con...

8CVSS7.2AI score0.00606EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/30 12:0 a.m.14 views

CVE-2024-48093

Unrestricted File Upload in the Discussions tab in Operately v.0.1.0 allows a privileged user to achieve Remote Code Execution via uploading and executing malicious files without validating file extensions or content types...

0.00606EPSS
Exploits0References2
NVD
NVD
added 2024/09/13 6:15 a.m.26 views

CVE-2024-6723

The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions...

4.7CVSS0.0045EPSS
Exploits1References1
OSV
OSV
added 2024/09/13 6:15 a.m.4 views

CVE-2024-6723

The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions...

4.7CVSS5.8AI score0.0045EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/09/13 6:0 a.m.13 views

CVE-2024-6723 AI Engine < 2.4.8 - Admin+ SQLi

The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions...

7.8AI score0.0045EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/09/13 6:0 a.m.33 views

CVE-2024-6723 AI Engine < 2.4.8 - Admin+ SQLi

The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions...

0.0045EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/09/12 12:0 a.m.11 views

PT-2024-37823 · WordPress · Ai Engine

Name of the Vulnerable Software and Affected Versions: The AI Engine WordPress plugin versions prior to 2.4.8 Description: The issue is related to a SQL injection that occurs due to improper sanitization and escaping of a parameter in a SQL statement. This can be exploited by admin users when...

4.7CVSS8AI score0.0045EPSS
Exploits1References6
Rows per page
Query Builder