Lucene search
K

15 matches found

Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.6 views

PT-2026-33925

This vulnerability exists in Quantum Networks router due to inadequate sanitization of user-supplied input in the management CLI interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary OS commands on the targeted device. Successful exploitation of this...

8.7CVSS6.6AI score0.00449EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-44043

Malicious code in bioql PyPI...

4.4CVSS6.5AI score0.00246EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-5476

Malicious code in bioql PyPI...

7.2CVSS8.7AI score0.00259EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-32657

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00342EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-27866

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00272EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-51579

Malicious code in bioql PyPI...

6.4CVSS9.1AI score0.00284EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/08 7:19 a.m.14 views

CVE-2025-5686

The Paged Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gallery' shortcode in all versions up to, and including, 0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.7AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/15 4:23 a.m.9 views

CVE-2025-0837

The Puzzles theme for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 4.2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and...

6.4CVSS7.4AI score0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/05 12:0 a.m.23 views

CVE-2024-27625

CMS Made Simple Version 2.2.19 is vulnerable to Cross Site Scripting XSS. This vulnerability resides in the File Manager module of the admin panel. Specifically, the issue arises due to inadequate sanitization of user input in the "New directory" field...

9.3AI score0.00411EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/10/20 3:6 p.m.8 views

CVE-2023-3933 Your Journey <= 1.9.8 - Prototype Pollution to Reflected Cross-Site Scripting

The Your Journey theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.9.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

6.1CVSS7AI score0.00386EPSS
Exploits0References2
0day.today
0day.today
added 2013/11/19 12:0 a.m.67 views

WordPress themify themes File Upload Vulnerability

all theme suffer of File Upload Vulnerability. all whitout autoritation can upload malicious code to all themify theme Usage Info prof of concept: code not properly sanitized at get function: function themifyupload if!empty$FILES if!isset$POST'target' || $POST'target' == '' $target =...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2009/05/02 12:0 a.m.26 views

GScripts.net DNS Tools 'dig.php' Remote Command Execution Vulnerability

GScripts.net DNS Tools is prone to a remote command-execution vulnerability because the software fails to adequately sanitize user-supplied input. Successful attacks can compromise the affected software and possibly the computer. OpenVAS Vulnerability Test $Id: GScriptscve20091361.nasl 5767...

10CVSS0.7AI score0.10304EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2007/04/16 12:0 a.m.21 views

Web Service Deluxe News Manager 1.0.1 Deluxe - &#039;footer.php&#039; Local File Inclusion

source: https://www.securityfocus.com/bid/23499/info News Manager Deluxe is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts. This issue affects News...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/12/01 12:0 a.m.10 views

Aspee Ziyaretci Defteri - giris.asp Multiple Field SQL Injections

Aspee Ziyaretci Defteri - giris.asp Multiple Field SQL Injections source: https://www.securityfocus.com/bid/21398/info Aspee Ziyaretçi Defteri is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query...

0.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/02/02 12:0 a.m.47 views

MyBB index.php 'referrer' Parameter SQLi

The version of MyBB installed on the remote host is affected by a SQL injection vulnerability due to improper sanitization of user-supplied input to the 'referrer' parameter before using it in the globals.php script. A remote attacker can exploit this issue to manipulate SQL queries, resulting in...

7.5CVSS5.6AI score0.0103EPSS
Exploits0References2
Rows per page
Query Builder