Lucene search
+L

263 matches found

Cvelist
Cvelist
added 2026/02/16 11:22 p.m.36 views

CVE-2025-12062 WP Maps <= 4.8.6 - Authenticated (Subscriber+) Limited Local File Inclusion

The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8.6 via the fcloadtemplate function. This makes it possible for authenticated attackers, with Subscriber-leve...

8.8CVSS0.00723EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/11 8:37 p.m.6 views

CVE-2020-37178

KeePass Password Safe versions before 2.44 contain a denial of service vulnerability in the help system's HTML handling. Attackers can trigger the vulnerability by dragging and dropping malicious HTML files into the help area, potentially causing application instability or crash...

7.5CVSS5.5AI score0.00282EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/11 8:37 p.m.3 views

CVE-2020-37178 KeePass 2.44 - Denial of Service (PoC)

KeePass Password Safe versions before 2.44 contain a denial of service vulnerability in the help system's HTML handling. Attackers can trigger the vulnerability by dragging and dropping malicious HTML files into the help area, potentially causing application instability or crash...

7.5CVSS5.5AI score0.00282EPSS
Exploits0References3
Snyk
Snyk
added 2026/01/21 10:46 p.m.10 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the upload arbitrary files. An attacker can execute arbitrary scripts in the context of another user's browser by uploading malicious HTML or SVG files that are then rendered from the same domain as the...

8.5CVSS6AI score0.00228EPSS
Exploits1References2
NVD
NVD
added 2026/01/21 10:15 p.m.17 views

CVE-2026-23499

Saleor is an e-commerce platform. Starting in version 3.0.0 and prior to versions 3.20.108, 3.21.43, and 3.22.27, Saleor allowed authenticated staff users or Apps to upload arbitrary files, including malicious HTML and SVG files containing Javascript. Depending on the deployment strategy, these...

8.5CVSS0.00228EPSS
Exploits1References7
EUVD
EUVD
added 2026/01/21 9:36 p.m.10 views

EUVD-2026-3775

Saleor is an e-commerce platform. Starting in version 3.0.0 and prior to versions 3.20.108, 3.21.43, and 3.22.27, Saleor allowed authenticated staff users or Apps to upload arbitrary files, including malicious HTML and SVG files containing Javascript. Depending on the deployment strategy, these...

8.5CVSS5.9AI score0.00228EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2026/01/13 10:51 p.m.3 views

CVE-2021-47751 CuteEditor for PHP 6.6 - Directory Traversal

CuteEditor for PHP now referred to as Rich Text Editor 6.6 contains a directory traversal vulnerability in the browse template feature that allows attackers to write files to arbitrary web root directories. Attackers can exploit the ServerMapPath function by renaming uploaded HTML files using...

7.5CVSS5.6AI score0.00715EPSS
Exploits1References3
Snyk
Snyk
added 2026/01/10 6:53 a.m.4 views

Cross-site Scripting (XSS)

Overview @haxtheweb/haxcms-nodejs is a HAXcms nodejs backend Affected versions of this package are vulnerable to Cross-site Scripting XSS via the processing of uploaded .html files. An attacker can execute arbitrary JavaScript in the context of another user's session by uploading .html files...

9CVSS5.5AI score0.01036EPSS
Exploits3References2
RedhatCVE
RedhatCVE
added 2025/12/12 1:6 a.m.6 views

CVE-2025-55310

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. An attacker able to alter or replace the static HTML files used by the StartPage feature can cause the application to load malicious or compromised content upon startup. This may result in...

7.3CVSS6.5AI score0.00105EPSS
Exploits0References1
Veracode
Veracode
added 2025/10/15 7:40 a.m.8 views

Improper Access Control

Vite is vulnerable to Improper Access Control. The vulnerability is due to the dev and preview servers serving any HTML files on the machine regardless of the server.fs settings, which allows an attacker to access unintended files when the Vite server is exposed to the network, potentially leadin...

5.3CVSS6.7AI score0.00586EPSS
Exploits1References8Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-0394

Malware in sbrugna...

7.5CVSS7.6AI score0.02005EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-18011

Malware in sbrugna...

6.1CVSS6.7AI score0.00936EPSS
Exploits4References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-3257

Malware in sbrugna...

9.8CVSS9.5AI score0.0128EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2004-2484

Malware in sbrugna...

4CVSS6.4AI score0.01312EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-29695

Malware in sbrugna...

7.8CVSS7.7AI score0.06004EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2007-5824

Malware in sbrugna...

4.3CVSS6.3AI score0.01271EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-2253

Malware in sbrugna...

7.8CVSS6.4AI score0.07177EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-0483

Malware in sbrugna...

6.4CVSS6.4AI score0.0262EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2009-2832

Malware in sbrugna...

4.3CVSS6.1AI score0.01751EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-2099

Malware in sbrugna...

7.5CVSS6.4AI score0.01288EPSS
Exploits0References3
Rows per page
Query Builder