Lucene search
+L

10 matches found

vulnrichment
vulnrichment
added 2026/05/10 12:43 p.m.9 views

CVE-2021-47943 TextPattern CMS 4.8.7 Remote Code Execution via File Upload

TextPattern CMS 4.8.7 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by uploading malicious PHP files through the file upload functionality. Attackers can upload a PHP shell via the Files section in the content area and execute...

8.8CVSS6.6AI score0.00617EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/04/16 6:44 a.m.11 views

CVE-2025-13364 WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters <= 4.8.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'put_wpgm' Shortcode

The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'putwpgm' shortcode in all versions up to, and including, 4.8.7. This is due to insufficient input sanitization and output escaping on...

6.4CVSS5.9AI score0.00267EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/04/16 12:0 a.m.10 views

PT-2026-33273

The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'put wpgm' shortcode in all versions up to, and including, 4.8.7. This is due to insufficient input sanitization and output escaping o...

6.4CVSS5.9AI score0.00267EPSS
Exploits0References3
cvelist
cvelist
added 2026/03/06 4:16 a.m.34 views

CVE-2026-28509 LangBot has a Cross Site Scripting(XSS) Vulnerability

LangBot is a global IM bot platform designed for LLMs. Prior to version 4.8.7, LangBot’s web UI renders user-supplied raw HTML using rehypeRaw, which can lead to a cross-site scripting XSS vulnerability. This issue has been patched in version 4.8.7...

6.3CVSS0.00187EPSS
Exploits1References2
nessus
nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 9 : dotnet6.0-6.0.123-1.el9.ML.1 (AXSA:2023-6529:25)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6529:25 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...

7.5CVSS7.5AI score0.99999EPSS
Exploits19References2
nvd
nvd
added 2025/09/22 7:16 p.m.3 views

CVE-2025-58650

Missing Authorization vulnerability in Syed Balkhi All In One SEO Pack all-in-one-seo-pack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects All In One SEO Pack: from n/a through = 4.8.7.1...

5.4CVSS0.00248EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 3:13 a.m.7 views

CVE-2023-22278

m-FILTER prior to Ver.5.70R01 Ver.5 Series and m-FILTER prior to Ver.4.87R04 Ver.4 Series allows a remote unauthenticated attacker to bypass authentication and send users' unintended email when email is being sent under the certain conditions. The attacks exploiting this vulnerability have been...

5.3CVSS7.3AI score0.00706EPSS
Exploits0References1
amazon
amazon
added 2023/10/17 12:0 a.m.27 views

Important: dotnet6.0

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-44487 Affected Packages: dotnet6.0 Issue Correction: Run dnf update dotnet6.0...

7.5CVSS7.5AI score0.99999EPSS
Exploits19
attackerkb
attackerkb
added 2022/12/15 9:15 p.m.5 views

CVE-2022-4521

A vulnerability classified as problematic has been found in WSO2 carbon-registry up to 4.8.6. This affects an unknown part of the component Request Parameter Handler. The manipulation of the argument parentPath/path/username/path/profilemenu leads to cross site scripting. It is possible to initia...

6.1CVSS3.6AI score0.00568EPSS
Exploits0References5Affected Software1
ptsecurity
ptsecurity
added 2016/11/11 12:0 a.m.14 views

PT-2016-7533 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.8.7 Description: The issue allows local users to cause a denial of service, resulting in a host OS crash. This is achieved through a certain use of a ModR/M byte in an undefined instruction when KVM is enabled...

10CVSS7.3AI score0.15073EPSS
Exploits76References259
Rows per page
Query Builder