Lucene search
K

140 matches found

EUVD
EUVD
added 2026/01/08 9:17 a.m.5 views

EUVD-2026-1506

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shahjada Visitor Stats Widget visitor-stats-widget allows Reflected XSS.This issue affects Visitor Stats Widget: from n/a through = 1.5.0...

7.1CVSS5.9AI score0.00149EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/08 9:17 a.m.6 views

EUVD-2026-1532

Insertion of Sensitive Information Into Sent Data vulnerability in AITpro BulletProof Security bulletproof-security allows Retrieve Embedded Sensitive Data.This issue affects BulletProof Security: from n/a through = 6.9...

7.5CVSS6.4AI score0.00245EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/08 9:17 a.m.4 views

EUVD-2026-1534

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove AeroLand aeroland allows PHP Local File Inclusion.This issue affects AeroLand: from n/a through = 1.6.6...

9.8CVSS6.6AI score0.00403EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/08 9:17 a.m.6 views

EUVD-2026-1539

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins ListingHub listinghub allows Reflected XSS.This issue affects ListingHub: from n/a through 1.2.6...

6.1CVSS5.9AI score0.00175EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/08 8:2 a.m.6 views

EUVD-2026-1583

A vulnerability was identified in code-projects Intern Membership Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /intern/admin/addadmin.php. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out...

5.8CVSS6.6AI score0.00314EPSS
Exploits1References7
EUVD
EUVD
added 2026/01/08 6:31 a.m.5 views

EUVD-2026-1593

Not used...

6.4AI score
Exploits0References1
EUVD
EUVD
added 2026/01/07 4:23 p.m.6 views

EUVD-2026-1200

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerabili...

5.3CVSS6.3AI score0.00567EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/07 2:12 p.m.4 views

EUVD-2026-1221

Server-Side Request Forgery SSRF vulnerability in minnur External Media allows Server Side Request Forgery.This issue affects External Media: from n/a through 1.0.36...

4.9CVSS6.5AI score0.00119EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/07 12:31 p.m.4 views

EUVD-2026-1250

EUVD-2026-1250...

7.8CVSS6.4AI score0.00072EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/07 12:31 p.m.4 views

EUVD-2026-1263

EUVD-2026-1263...

7.8CVSS6.4AI score0.00072EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/07 12:31 p.m.10 views

EUVD-2026-1246

EUVD-2026-1246...

7.8CVSS6.4AI score0.00072EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/07 11:59 a.m.3 views

EUVD-2026-1254

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in JanStudio Gecko allows PHP Local File Inclusion.This issue affects Gecko: from n/a through 1.9.8...

8.1CVSS6.5AI score0.00412EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/07 9:21 a.m.3 views

EUVD-2026-1305

The Easy GitHub Gist Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the gist shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS4.7AI score0.00181EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/07 9:20 a.m.6 views

EUVD-2026-1304

The Sticky Action Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the sabsoptionspageformsubmit function. This makes it possible for unauthenticated attackers to update plug...

4.3CVSS4.8AI score0.00112EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/07 9:20 a.m.5 views

EUVD-2026-1309

The Contact Us Simple Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wit...

4.4CVSS4.6AI score0.003EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/07 8:21 a.m.5 views

EUVD-2026-1329

The Stylish Order Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'productname' parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS4.7AI score0.00243EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/07 8:21 a.m.7 views

EUVD-2026-1275

The Page Keys plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pagekey’ parameter in all versions up to, and including, 1.3.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, ...

4.4CVSS4.5AI score0.00189EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/06 4:36 p.m.4 views

EUVD-2026-0948

Missing Authorization vulnerability in BBR Plugins Better Business Reviews better-business-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Better Business Reviews: from n/a through = 0.1.1...

5.4CVSS6.4AI score0.00155EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/06 4:27 p.m.4 views

EUVD-2026-1014

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins JobBank allows Reflected XSS.This issue affects JobBank: from n/a through 1.2.2...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/06 4:20 p.m.5 views

EUVD-2026-1003

Dell Unisphere for PowerMax, versions 9.2.4.x, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access to data and resources outside of the intended...

7.6CVSS6.2AI score0.00241EPSS
Exploits0References2
Rows per page
Query Builder