Lucene search
K

2427 matches found

Nuclei
Nuclei
added yesterday30 views

WordPress Integrator 1.32 - Cross-Site Scripting

A cross-site scripting vulnerability in wp-integrator.php in the WordPress Integrator module 1.32 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirectto parameter to wp-login.php. id: CVE-2012-5913 info: name: WordPress Integrator 1.32 - Cross-Site Scripti...

4.3CVSS6.2AI score0.08732EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday95 views

WSO2 - Cross-Site Scripting

WSO2 contains a reflected cross-site scripting vulnerability in the Management Console of API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0, 6.4.0,...

6.1CVSS6.4AI score0.41078EPSS
Exploits5References5
NVD
NVD
added 2026/07/07 6:16 a.m.10 views

CVE-2026-4375

The DoLeads Integrator WordPress plugin through 0.65, wp2epub WordPress plugin through 0.65 have been seen to be used to achieve RCE, once they are added adding to a blog, for example using a vulnerability where unclosed extensions from wordpress.org can be installed by unauthorized users...

9CVSS0.00248EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/07 6:0 a.m.34 views

CVE-2026-4375 DoLeads Integrator <= 1.2.2 & wp2epub <= 0.65 - Unauthenticated RCE

The DoLeads Integrator WordPress plugin through 0.65, wp2epub WordPress plugin through 0.65 have been seen to be used to achieve RCE, once they are added adding to a blog, for example using a vulnerability where unclosed extensions from wordpress.org can be installed by unauthorized users...

0.00248EPSS
Exploits0References1
CVE
CVE
added 2026/07/07 6:0 a.m.15 views

CVE-2026-4375

The CVE-2026-4375 entries describe an unauthenticated Remote Code Execution affecting WordPress plugins DoLeads Integrator &lt;= 1.2.2 and wp2epub

9CVSS5.9AI score0.00248EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/07 6:0 a.m.8 views

EUVD-2026-42013

The DoLeads Integrator WordPress plugin through 0.65, wp2epub WordPress plugin through 0.65 have been seen to be used to achieve RCE, once they are added adding to a blog, for example using a vulnerability where unclosed extensions from wordpress.org can be installed by unauthorized users...

9CVSS5.9AI score0.00248EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:40 a.m.10 views

CVE-2026-35262

Vulnerability in the Oracle Data Integrator product of Oracle Fusion Middleware component: Market Place. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Data...

8.3CVSS0.00387EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.20 views

PT-2026-49840

Name of the Vulnerable Software and Affected Versions Oracle Data Integrator version 12.2.1.4.0 Oracle Data Integrator version 14.1.2.0.0 Description An issue exists in the Market Place component of the Oracle Data Integrator product of Oracle Fusion Middleware. A low privileged attacker with...

8.3CVSS5.9AI score0.00387EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/12 7:2 p.m.12 views

Security Bulletin: Security Vulnerability in Spring Cloud Affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-41235)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerability in Spring Cloud Vulnerability Details CVEID:CVE-2025-41235 DESCRIPTION: Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies. CWE:CWE-444:...

8.6CVSS7.9AI score0.0029EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/12 6:54 p.m.9 views

Security Bulletin: Security Vulnerability in Nimbus Jose JWT Affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-53864)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerability in Nimbus Jose JWT Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before 9.37.4 allows a remote attacker to cause a...

5.8CVSS6.2AI score0.00806EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/12 6:50 p.m.13 views

Security Bulletin: Security Vulnerability in Spring Security Affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-41248)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerability in Spring Security Vulnerability Details CVEID:CVE-2025-41248 DESCRIPTION: The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type...

7.5CVSS6.9AI score0.0046EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/12 6:47 p.m.11 views

Security Bulletin: Security Vulnerability in Spring Boot Affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-22235)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerability in Spring Boot Vulnerability Details CVEID:CVE-2025-22235 DESCRIPTION: EndpointRequest.to creates a matcher for null/ if the actuator endpoint, for which the EndpointRequest has been create...

7.3CVSS7.1AI score0.00358EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/12 6:28 p.m.8 views

Security Bulletin: Multiple Security Vulnerabilities in Spring Framework Affect IBM Sterling B2B Integrator and IBM Sterling File Gateway

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerabilities in Spring Framework Vulnerability Details CVEID:CVE-2025-22233 DESCRIPTION: CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patter...

7.5CVSS6.9AI score0.01916EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/10 3:49 p.m.6 views

Security Bulletin: Multiple security vulnerabilities have been found in IBM Security Directory Integrator

Summary Security vulnerabilities have been addressed in IBM Security Directory Integrator Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impact, no integrity...

8.1CVSS6.6AI score0.01058EPSS
Exploits1Affected Software1
NVD
NVD
added 2026/05/27 2:16 p.m.10 views

CVE-2024-28765

IBM SDI 7.2.0.0 through 7.2.0.14 and IBM Security Directory Integrator 10.0.0.0 through 10.0.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

5.3CVSS0.00385EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 1:47 p.m.43 views

CVE-2024-28765 Security vulnerability was found in IBM Security Directory Integrator

IBM SDI 7.2.0.0 through 7.2.0.14 and IBM Security Directory Integrator 10.0.0.0 through 10.0.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

5.3CVSS0.00385EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 1:47 p.m.16 views

CVE-2024-28765

IBM Security Directory Integrator (SDI) and Security Director/Directory Integrator components are affected: SDI 7.2.0.0–7.2.0.14 and IBM Security Directory Integrator 10.0.0.0–10.0.0.2 could allow a remote attacker to obtain sensitive information via a detailed error message returned in the brows...

5.3CVSS5.8AI score0.00385EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/27 1:47 p.m.10 views

EUVD-2024-55599

IBM SDI 7.2.0.0 through 7.2.0.14 and IBM Security Directory Integrator 10.0.0.0 through 10.0.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

5.3CVSS5.8AI score0.00385EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

IBM Security Directory Integrator 安全漏洞

IBM Security Directory Integrator is an integrated development environment and runtime service provided by the American multinational company International Business Machines IBM. Vulnerabilities exist in versions 7.2.0.0.0 to 7.2.0.14.0.0.0, as well as in versions 10.0.0.0.0 to 10.0.0.2.0.0.0, du...

5.3CVSS5.8AI score0.00385EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/30 3:31 p.m.8 views

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to reflected XSS vulnerability in AFT (CVE-2026-0835)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed reflected XSS vulnerability Vulnerability Details CVEID:CVE-2026-0835 DESCRIPTION: IBM Sterling B2B Integrator and IBM Sterling File Gateway is vulnerable to cross-site scripting. This vulnerability allows an...

5.4CVSS5.6AI score0.0021EPSS
Exploits0Affected Software1
Rows per page
Query Builder