Lucene search
K

9 matches found

Positive Technologies
Positive Technologies
added 2025/11/03 12:0 a.m.7 views

PT-2025-44799

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.8.7 Description Nagios XI versions prior to 5.8.7, utilizing embedded Nagios Core, are susceptible to cross-site scripting XSS through the Core UI’s Views URL handling. Insufficient validation or escaping of...

5.4CVSS6AI score0.00405EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/10/30 12:0 a.m.6 views

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI versions prior to 5.8.7 that stems from improperly set...

8.5CVSS6.8AI score0.0032EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/30 12:0 a.m.8 views

PT-2025-44480

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.8.7 Description Nagios XI used a temporary directory for Highcharts exports with overly permissive ownership and permissions under the Apache user. This allowed local or co-hosted processes to read or overwrite...

8.5CVSS6.7AI score0.0032EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.5 views

WordPress plugin ProfileGrid 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.5AI score0.00393EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/07/01 11:28 a.m.3 views

WordPress ProfileGrid – User Profiles, Groups and Communities plugin <= 5.8.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Manab Jyoti Dowarah Patchstack Alliance in WordPress Plugin ProfileGrid versions = 5.8.7...

8.8CVSS7AI score0.00393EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2023/09/18 12:0 a.m.4 views

PT-2023-24653 · Spring · Spring Security

Name of the Vulnerable Software and Affected Versions: Spring Security versions prior to 5.8.7 Spring Security versions prior to 6.0.7 Spring Security versions prior to 6.1.4 Spring Security versions prior to 6.2.0-M1 Description: The spring-security.xsd file inside the spring-security-config jar...

5.5CVSS8.9AI score0.00216EPSS
Exploits0References11
CNNVD
CNNVD
added 2022/09/07 12:0 a.m.5 views

Nagios XI 跨站脚本漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI versions prior to v5.8.7, which stems from a discovery on...

6.1CVSS5.9AI score0.01717EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/03/01 12:0 a.m.3 views

PluXml 跨站脚本漏洞

PluXml is a content management system that does not require a database to work.A cross-site scripting vulnerability exists in PluXML version 5.8.7. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a payload in the thumbnail path of a blog post...

5.4CVSS5.6AI score0.01192EPSS
Exploits2References6
CNNVD
CNNVD
added 2021/08/12 12:0 a.m.7 views

PluXml 跨站脚本漏洞

PluXml is a free and open source content management system that does not require a database to work. A cross-site scripting vulnerability exists in PluXML, which stems from a stored XSS vulnerability that the Article Editing feature of PluXML 5.8.7 allows to be implemented via headers or content...

4.8CVSS5.2AI score0.00755EPSS
Exploits1References2
Rows per page
Query Builder