Lucene search
+L

71 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:10 a.m.18 views

CVE-2022-36007

Venice is a Clojure inspired sandboxed Lisp dialect with excellent Java interoperability. A partial path traversal issue exists within the functions load-file and load-resource. These functions can be limited to load files from a list of load paths. Assuming Venice has been configured with the lo...

6.1CVSS6.4AI score0.00414EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2025/02/12 12:0 a.m.9 views

PT-2025-6471 · Unknown · Code-Projects Job Recruitment

Name of the Vulnerable Software and Affected Versions: code-projects Job Recruitment version 1.0 Description: A problem has been found in the code that affects the / parse/load user-profile.php file, leading to cross site scripting. The attack can be initiated remotely and multiple parameters mig...

6.4CVSS4.2AI score0.00343EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2025/02/01 12:0 a.m.5 views

PT-2025-4114 · Unknown · Code-Projects Job Recruitment

Name of the Vulnerable Software and Affected Versions: code-projects Job Recruitment version 1.0 Description: A problematic issue has been found in the file / parse/load job-details.php, where the manipulation of the business stream name and company website url arguments leads to cross site...

5.4CVSS4.1AI score0.00401EPSS
Exploits1References10
OSV
OSV
added 2023/07/10 4:15 p.m.6 views

CVE-2023-3561

A vulnerability, which was classified as problematic, was found in GZ Scripts PHP GZ Hotel Booking Script 1.8. This affects an unknown part of the file /load.php. The manipulation of the argument firstname/secondname/phone/address1/country leads to cross site scripting. It is possible to initiate...

6.1CVSS4.1AI score0.00506EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/07/08 12:0 a.m.5 views

PT-2023-25228 · Unknown · Gz Scripts Event Booking Calendar

Name of the Vulnerable Software and Affected Versions: GZ Scripts Event Booking Calendar version 1.8 Description: A problematic issue has been discovered, affecting an unknown function of the file /load.php. The manipulation of the arguments first name, second name, phone, address 1, or country...

5.4CVSS4.2AI score0.00506EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/07/08 12:0 a.m.7 views

PT-2023-25230 · Unknown · Gz Scripts Ticket Booking Script

Name of the Vulnerable Software and Affected Versions: GZ Scripts Ticket Booking Script version 1.8 Description: A problematic issue has been found in the software, affecting some unknown functionality of the file /load.php. The manipulation of the arguments first name, second name, phone, addres...

6.1CVSS4.2AI score0.00383EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/07/08 12:0 a.m.4 views

PT-2023-25229 · Unknown · Gz Scripts Php Gz Appointment Scheduling Script

Name of the Vulnerable Software and Affected Versions: GZ Scripts PHP GZ Appointment Scheduling Script version 1.8 Description: A problematic vulnerability was found in the GZ Scripts PHP GZ Appointment Scheduling Script. The issue affects an unknown functionality of the file /load.php. The...

6.1CVSS4.3AI score0.00383EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/07/08 12:0 a.m.6 views

PT-2023-25231 · Unknown · Gz Scripts Php Gz Hotel Booking Script

Name of the Vulnerable Software and Affected Versions: GZ Scripts PHP GZ Hotel Booking Script version 1.8 Description: A problematic issue was found in the software, affecting an unknown part of the file /load.php. The manipulation of the arguments first name, second name, phone, address 1, or...

6.1CVSS4.3AI score0.00506EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/07/07 12:0 a.m.7 views

Availability Booking Calendar PHP 跨站脚本漏洞

Availability Booking Calendar PHP is a GZ Scripts open source availability booking calendar system . A cross-site scripting vulnerability exists in GZ Scripts Availability Booking Calendar PHP version 1.8, which stems from the parameter cid/firstname/secondname/address1/country in the file load.p...

6.1CVSS4.2AI score0.00388EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/07 12:0 a.m.8 views

PT-2023-25216 · Unknown · Gz Scripts Availability Booking Calendar Php

Name of the Vulnerable Software and Affected Versions: GZ Scripts Availability Booking Calendar PHP version 1.8 Description: A vulnerability was found in the HTTP POST Request Handler component, affecting an unknown part of the file load.php. The manipulation of the arguments cid, first name,...

6.1CVSS4.4AI score0.00388EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:17 a.m.4 views

SUSE CVE-2019-5477

A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being called with unsafe user input as the filename. This...

8.1CVSS9.5AI score0.05899EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 3:56 a.m.5 views

SUSE CVE-2020-15704

The modprobe child process in the ./debian/patches/loadpppgenericifneeded patch file incorrectly handled module loading. A local non-root attacker could exploit the MODPROBEOPTIONS environment variable to read arbitrary root files. Fixed in 2.4.5-5ubuntu1.4, 2.4.5-5.1ubuntu2.3+esm2,...

5.5CVSS6.7AI score0.00364EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2022/12/21 12:0 a.m.224 views

Senayan Library Management System 9.2.2 SQL Injection

Title: Senayan Library Management System v9.2.2 a.k.a SLIMS 9 Multiple SQLi-Not sanitizing correctly cookie session. Author: nu11secur1ty Date: 12.20.2022 Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/tag/v9.2.2 Reference:...

0.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/09/06 12:0 a.m.5 views

PT-2022-19570 · WordPress · Wp Cerber Security

Name of the Vulnerable Software and Affected Versions: WP Cerber Security plugin for WordPress versions up to, and including 9.0 Description: The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass, making user enumeration possible. This is due to improper validati...

5.3CVSS5.2AI score0.00688EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/08/18 7:7 p.m.37 views

Venice vulnerable to Partial Path Traversal issue within the functions `load-file` and `load-resource`

Impact A partial path traversal issue exists within the functions load-file and load-resource. These functions can be limited to load files from a list of load paths. Assuming Venice has been configured with the load paths: "/Users/foo/resources" When passing relative paths to these two vulnerabl...

6.1CVSS4.4AI score0.00414EPSS
Exploits1References6Affected Software1
CNNVD
CNNVD
added 2022/08/15 12:0 a.m.4 views

Venice 路径遍历漏洞

Venice is a Clojure-inspired, sandboxed Lisp dialect from the individual developers of jlangch in Switzerland, with excellent Java interoperability. It can be used as a safe scripting language. A path traversal vulnerability exists in Venice 1.10.16 and earlier, which stems from a partial path...

6.1CVSS5AI score0.00414EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2022/08/14 12:25 a.m.11 views

CVE-2022-36007 Partial Path Traversal in com.github.jlangch:venice

Venice is a Clojure inspired sandboxed Lisp dialect with excellent Java interoperability. A partial path traversal issue exists within the functions load-file and load-resource. These functions can be limited to load files from a list of load paths. Assuming Venice has been configured with the lo...

6.1CVSS6.2AI score0.00414EPSS
Exploits1References4
Cvelist
Cvelist
added 2022/08/14 12:25 a.m.80 views

CVE-2022-36007 Partial Path Traversal in com.github.jlangch:venice

Venice is a Clojure inspired sandboxed Lisp dialect with excellent Java interoperability. A partial path traversal issue exists within the functions load-file and load-resource. These functions can be limited to load files from a list of load paths. Assuming Venice has been configured with the lo...

6.1CVSS6.1AI score0.00414EPSS
Exploits1References4
CVE
CVE
added 2022/08/14 12:25 a.m.109 views

CVE-2022-36007

Venice (com.github.jlangch:venice) contains a Partial Path Traversal flaw in the load-file and load-resource functions. When given absolute paths whose name prefix matches a configured load path (e.g., "/Users/foo/resources"), an attacker can access files outside the intended directory (e.g., "/U...

6.1CVSS4.2AI score0.00414EPSS
Exploits1References4Affected Software1
Exploit DB
Exploit DB
added 2022/02/23 12:0 a.m.402 views

Air Cargo Management System v1.0 - SQLi

Title: Air Cargo Management System v1.0 - SQLi Author: nu11secur1ty Date: 02.18.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15188/air-cargo-management-system-php-oop-free-source-code.html Reference:...

7.4AI score
Exploits0
Rows per page
Query Builder