Lucene search
+L

7 matches found

EUVD
EUVD
added 2026/05/02 8:27 a.m.9 views

EUVD-2026-26764

The Brizy – Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versions up to, and including, 2.8.11 This is due to a combination of missing nonce verification for unauthenticated form submissions, insufficient handling of FileUpload fields when ...

7.2CVSS6AI score0.00401EPSS
Exploits0References8
Drupal
Drupal
added 2025/11/05 12:0 a.m.13 views

Simple multi step form - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-116

This module provides the ability to convert any entity form into a simple multi-step form. The module doesn’t sufficiently filter certain user-provided text leading to a cross-site scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with the...

3.5CVSS5.3AI score0.0017EPSS
Exploits0References2
OSV
OSV
added 2024/12/04 4:20 p.m.10 views

DRUPAL-CONTRIB-2024-071

This module allows a site builder to create multi-step entity forms leveraging the Field Group field type plugins. The module doesn't escape plain text administrative configurations. An attacker with admin access could inject arbitrary JavaScript code. This vulnerability is mitigated by the fact...

4.8CVSS6.6AI score0.00232EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2017/03/22 12:0 a.m.5 views

March 22, 2017—KB4016636 (OS Build 10586.842)

None None...

6.1AI score
Exploits0
Microsoft KB
Microsoft KB
added 2017/03/22 12:0 a.m.7 views

March 22, 2017—KB4016637 (OS Build 10240.17320)

None None...

6.1AI score
Exploits0
OSV
OSV
added 2016/07/03 1:59 a.m.4 views

DEBIAN-CVE-2016-5730

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to obtain sensitive information via vectors involving 1 an array value to FormDisplay.php, 2 incorrect data to validate.php, 3 unexpected data to Validator.php, 4 a missing config directory...

5.3CVSS6.9AI score0.02616EPSS
Exploits0References1
OSV
OSV
added 2016/07/03 1:59 a.m.11 views

UBUNTU-CVE-2016-5730

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to obtain sensitive information via vectors involving 1 an array value to FormDisplay.php, 2 incorrect data to validate.php, 3 unexpected data to Validator.php, 4 a missing config directory...

5.3CVSS6.8AI score0.02616EPSS
Exploits0References3
Rows per page
Query Builder