Lucene search
+L

21 matches found

cnnvd
cnnvd
added 2025/10/15 12:0 a.m.4 views

WordPress plugin is-human 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

9.3CVSS7.3AI score0.00446EPSS
Exploits0References6
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-2225

Malware in sbrugna...

5CVSS6.4AI score0.03531EPSS
Exploits1References7
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2012-2899

Malware in sbrugna...

5CVSS6.4AI score0.0334EPSS
Exploits1References4
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-51632

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00584EPSS
Exploits1References2
redhatcve
redhatcve
added 2025/05/23 12:34 a.m.10 views

CVE-2022-4276

A vulnerability was found in House Rental System and classified as critical. Affected by this issue is some unknown functionality of the file tenant-engine.php of the component POST Request Handler. The manipulation of the argument idphoto leads to unrestricted upload. The attack may be launched...

9.8CVSS6.9AI score0.00584EPSS
Exploits1References1
prion
prion
added 2022/12/03 4:15 p.m.19 views

Out-of-bounds

A vulnerability was found in House Rental System and classified as critical. Affected by this issue is some unknown functionality of the file tenant-engine.php of the component POST Request Handler. The manipulation of the argument idphoto leads to unrestricted upload. The attack may be launched...

7.5CVSS9.4AI score0.00584EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2022/12/03 12:0 a.m.8 views

CVE-2022-4276 House Rental System POST Request tenant-engine.php unrestricted upload

A vulnerability was found in House Rental System and classified as critical. Affected by this issue is some unknown functionality of the file tenant-engine.php of the component POST Request Handler. The manipulation of the argument idphoto leads to unrestricted upload. The attack may be launched...

6.3CVSS6.7AI score0.00584EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2022/12/03 12:0 a.m.4 views

PT-2022-26550 · Unknown · House Rental System

Name of the Vulnerable Software and Affected Versions: House Rental System affected versions not specified Description: A critical issue was found in the House Rental System, affecting some unknown functionality of the file tenant-engine.php of the component POST Request Handler. The manipulation...

9.8CVSS9.3AI score0.00584EPSS
Exploits1References5
cvelist
cvelist
added 2022/12/03 12:0 a.m.19 views

CVE-2022-4276 House Rental System POST Request tenant-engine.php unrestricted upload

A vulnerability was found in House Rental System and classified as critical. Affected by this issue is some unknown functionality of the file tenant-engine.php of the component POST Request Handler. The manipulation of the argument idphoto leads to unrestricted upload. The attack may be launched...

6.3CVSS9.7AI score0.00584EPSS
Exploits1References2
openbugbounty
openbugbounty
added 2018/07/27 10:47 a.m.16 views

megashopping.ro XSS vulnerability

Open Bug Bounty ID: OBB-654446 Description| Value ---|--- Affected Website:| megashopping.ro Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
cve
cve
added 2012/05/21 10:0 p.m.51 views

CVE-2012-2925

The CVE-2012-2925 entry concerns a SQL injection in engine.php of Simple PHP Agenda 2.2.8, exploitable via the priority parameter in addTodo. The root cause is unsanitized/concatenated input used in SQL queries, enabling remote attackers to execute arbitrary SQL commands. Affected software: Simpl...

7.5CVSS8.8AI score0.01051EPSS
Exploits1References2Affected Software1
cve
cve
added 2012/05/21 10:0 p.m.34 views

CVE-2012-2918

Chevereto 1.91 is affected by CVE-2012-2918 due to a cross-site scripting (XSS) flaw in Upload/engine.php that allows injecting arbitrary web script or HTML via the v parameter. The vulnerability is tied to the engine.php handler in Chevereto 1.91; exploitation details are not provided in the ava...

4.3CVSS5.9AI score0.01623EPSS
Exploits1References3Affected Software1
exploitpack
exploitpack
added 2011/05/17 12:0 a.m.22 views

WordPress Plugin Is-human 1.4.2 - Remote Command Execution

WordPress Plugin Is-human 1.4.2 - Remote Command Execution Exploit Title: is-human 1.4.2 and prior Worpdress plugin. Date: 16.05.2011 Author: neworder www.neworder-ind.net Software Link: http://wordpress.org/extend/plugins/is-human/ Version: 1.4.2 Tested on: Linux Platform The vulnerability exist...

0.6AI score
Exploits0
zdt
zdt
added 2011/05/17 12:0 a.m.18 views

Wordpress Plugin Is-human <=1.4.2 Remote Command Execution

Exploit for php platform in category web applications Exploit Title: is-human 1.4.2 and prior Worpdress plugin. Date: 16.05.2011 Author: neworder www.neworder-ind.net Software Link: http://wordpress.org/extend/plugins/is-human/ Version: 1.4.2 Tested on: Linux Platform The vulnerability exists in...

7.1AI score
Exploits0
patchstack
patchstack
added 2011/05/17 12:0 a.m.9 views

WordPress Is-Human Plugin - Remote Command Execution Vulnerability

The vulnerability exists in /is-human/engine.php. It takes control of the eval function via the "type" parameter, when the "action" is set to log-reset. Solution Point the $ishum-get array variable into $ishum-getih and point it to php stored function errorlog if you want to close the execution...

4AI score
Exploits0References1Affected Software1
nvd
nvd
added 2009/06/26 6:30 p.m.19 views

CVE-2009-2228

Cross-site scripting XSS vulnerability in engine.php in Kasseler CMS allows remote attackers to inject arbitrary web script or HTML via the url parameter in a redirect action...

4.3CVSS5.7AI score0.01436EPSS
Exploits1References3
cvelist
cvelist
added 2009/06/26 6:0 p.m.23 views

CVE-2009-2228

Cross-site scripting XSS vulnerability in engine.php in Kasseler CMS allows remote attackers to inject arbitrary web script or HTML via the url parameter in a redirect action...

5.7AI score0.01436EPSS
Exploits1References3
seebug
seebug
added 2009/06/23 12:0 a.m.19 views

Kasseler CMS (FD/XSS) Multiple Remote Vulnerabilities

No description provided by source. X X X X A K KK NN N EEEEEE TTTTTTTT X X A A K K N N N E TT XX AAAAA KK N N N EEE TT X X A A K K N N N E TT X X A A K KK N NN EEEEEE TT X X Author: Sr1pt - xaknet.ru GreetZ to all users xaknet.ru, especial: baltazar, Saint, X1mer@, Trash, Ic3, G1yuk, NEXGEN,...

7.1AI score
Exploits0
zdt
zdt
added 2009/06/22 12:0 a.m.18 views

Kasseler CMS (FD/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ===================================================== Kasseler CMS FD/XSS Multiple Remote Vulnerabilities ===================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 ...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2009/06/22 12:0 a.m.45 views

Kasseler CMS - File Disclosure / Cross-Site Scripting

X X X X A K KK NN N EEEEEE TTTTTTTT X X A A K K N N N E TT XX AAAAA KK N N N EEE TT X X A A K K N N N E TT X X A A K KK N NN EEEEEE TT X X Author: Sr1pt - xaknet.ru GreetZ to all users xaknet.ru, especial: baltazar, Saint, X1mer@, Trash, Ic3, G1yuk, NEXGEN, ErrNick, deface and other .. Kasseler-C...

7.4AI score
Exploits0
Rows per page
Query Builder