Lucene search
K

9 matches found

CNNVD
CNNVD
added 2026/02/19 12:0 a.m.9 views

WordPress plugin Lizza LMS Pro 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

9.8CVSS5.7AI score0.00368EPSS
Exploits0References2
CNVD
CNVD
added 2025/11/27 12:0 a.m.6 views

WordPress EduKart Pro plugin elevation of privilege vulnerability

WordPress EduKart Pro plugin is an e-commerce plugin for the WordPress platform that is primarily used to build and manage online stores. WordPress EduKart Pro plugin has an elevation of privilege vulnerability that stems from the edukartproregisteruserfrontend function not restricting user...

9.8CVSS7.2AI score0.00305EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/16 12:16 a.m.12 views

CVE-2025-51965

OURPHP thru 8.6.1 is vulnerable to Cross-Site Scripting XSS via the "Name" field of the "Complete Profile" functionality under the "My User Center" page, which can be accessed after registering through the front-end interface...

6.1CVSS6.1AI score0.00188EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/14 12:0 a.m.10 views

CVE-2025-51965

OURPHP thru 8.6.1 is vulnerable to Cross-Site Scripting XSS via the "Name" field of the "Complete Profile" functionality under the "My User Center" page, which can be accessed after registering through the front-end interface...

0.00188EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.5 views

PT-2025-33411 · Ourphp · Ourphp

Name of the Vulnerable Software and Affected Versions: OURPHP versions through 8.6.1 Description: OURPHP through version 8.6.1 is susceptible to Cross-Site Scripting XSS via the Name field within the "Complete Profile" functionality located in the "My User Center" page. This functionality is...

6.1CVSS5.4AI score0.00188EPSS
Exploits0References6
CVE
CVE
added 2025/08/14 12:0 a.m.21 views

CVE-2025-51965

CVE-2025-51965 affects OURPHP up to version 8.6.1, where the vulnerability is a Cross‑Site Scripting (XSS) flaw in the Name field of the Complete Profile function in My User Center, accessible after front‑end registration. The underlying issue and exploitation details are not further elaborated i...

6.1CVSS6.1AI score0.00188EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2025/05/16 5:44 a.m.95 views

Exploit for CVE-2025-47646

🔐 CVE-2025-47646 – PSW Front-end Login & Registration pswfo...

9.8CVSS7.4AI score0.21914EPSS
Exploits3
CNVD
CNVD
added 2019/03/28 12:0 a.m.1 views

Jfinal cms xss vulnerability in frontend registry

Jfinal cms uses JFinal as a web framework , template engine with beetl, database with mysql, front-end bootstrap, flat ui and other frameworks. Support for multi-site , oauth2 authentication , account registration , password encryption , comments and replies , message alerts , site visits...

6.9AI score
Exploits0
CNVD
CNVD
added 2016/12/20 12:0 a.m.4 views

Arbitrary Command Execution Vulnerability in Knight CMS

Knight CMS Talent System is a professional talent system based on PHP+MYSQL. Knight CMS version 4.1.0 suffers from an arbitrary command execution vulnerability. Due to the Knight CMS V4.1.0 using the tp framework there is a template engine remote code execution vulnerability. Attackers can exploi...

8.6AI score
Exploits0
Rows per page
Query Builder