Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.9 views

CVE-2026-5627

A path traversal vulnerability exists in mintplex-labs/anything-llm versions up to and including 1.9.1, within the AgentFlows component. The vulnerability arises from improper handling of user input in the loadFlow and deleteFlow methods in server/utils/agentFlows/index.js. Specifically, the...

9.1CVSS7.9AI score0.00809EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/07 1:6 p.m.2 views

CVE-2026-5627

A path traversal vulnerability exists in mintplex-labs/anything-llm versions up to and including 1.9.1, within the AgentFlows component. The vulnerability arises from improper handling of user input in the loadFlow and deleteFlow methods in server/utils/agentFlows/index.js. Specifically, the...

9.1CVSS6AI score0.00809EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/12/13 9:41 a.m.6 views

CVE-2025-58130

Insufficiently Protected Credentials vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.11.0. The issue is fixed in version 1.12.1. Users are encouraged to upgrade to version 1.13.0, the latest release...

9.1CVSS6.9AI score0.00366EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/16 6:0 p.m.4 views

EUVD-2025-34812

MQTTX is an MQTT 5.0 desktop client and MQTT testing tool. A Cross-Site Scripting XSS vulnerability was introduced in MQTTX v1.12.0 due to improper handling of MQTT message payload rendering. Malicious payloads containing HTML or JavaScript could be rendered directly in the MQTTX message viewer. ...

6.1CVSS5.6AI score0.00296EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-1990

Malware in sbrugna...

9.8CVSS9.5AI score0.01421EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/08/15 12:0 a.m.16 views

WordPress InfiniteWP Client Plugin <= 1.11.1 is vulnerable to Sensitive Data Exposure

Software InfiniteWP Client Type Plugin Vulnerable versions = 1.11.1 Fixed in 1.12.1 OWASP Top 10 A5: Security Misconfiguration Classification Sensitive Data Exposure CVE CVE-2023-2916 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 88e39a11f14f Credits Lana Codes Required...

7.5CVSS6.5AI score0.20888EPSS
Exploits2References3Affected Software1
Prion
Prion
added 2019/07/18 6:15 p.m.22 views

Sql injection

Synetics GmbH I-doit 1.12 and earlier is affected by: SQL Injection. The impact is: Unauthenticated mysql database access. The component is: Web login form. The attack vector is: An attacker can exploit the vulnerability by sending a malicious HTTP POST request. The fixed version is: 1.12.1...

7.5CVSS9.6AI score0.01421EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/07/18 5:59 p.m.34 views

CVE-2019-1010248

Synetics GmbH I-doit 1.12 and earlier is affected by: SQL Injection. The impact is: Unauthenticated mysql database access. The component is: Web login form. The attack vector is: An attacker can exploit the vulnerability by sending a malicious HTTP POST request. The fixed version is: 1.12.1...

9.7AI score0.01421EPSS
Exploits0References1
Rows per page
Query Builder