CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

IBM Integrated Analytics System 1.0.0.0 through 1.0.30.0 could allow an authenticated user to upload a file with dangerous types that could be executed by another user if opened...

8CVSS5.8AI score

Exploits0References1

Cvelist•added 2025/02/03 7:22 p.m.•15 views

CVE-2024-12859 BoomBox Theme Extensions <= 1.8.0 - Authenticated (Contributor+) Local File Inclusion via Shortcode

The BoomBox Theme Extensions plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.8.0 via the 'boomboxlisting' shortcode 'type' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and...

8.8CVSS0.00553EPSS

Exploits0References2

NVD•added 2024/12/12 6:15 a.m.•11 views

CVE-2024-12040

The Product Carousel Slider & Grid Ultimate for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9.10 via the 'theme' attribute of the wcpcsu shortcode. This makes it possible for authenticated attackers, with Contributor-level access...

8.8CVSS0.00794EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by