Lucene search
K

3996 matches found

CNNVD
CNNVD
added 2026/05/14 12:0 a.m.10 views

WordPress plugin The Plus Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.4CVSS5.8AI score0.00205EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/12 3:23 p.m.6 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow in the XTileImage function. An attacker can cause a denial of service by tricking a user into opening a specially crafted MIFF file and right-clicking a tile to invoke the Load / Update menu item. Remediation...

6.7CVSS5.8AI score0.0013EPSS
Exploits0References2
NVD
NVD
added 2026/05/11 8:25 p.m.10 views

CVE-2026-42050

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in the display tool and right-clicks a tile to invoke the Load / Update menu item. This vulnerabilit...

5.5CVSS0.0013EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/11 7:46 p.m.42 views

CVE-2026-42050 ImageMagick: Stack buffer overflow in XTileImage

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in the display tool and right-clicks a tile to invoke the Load / Update menu item. This vulnerabilit...

5.5CVSS0.0013EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/11 7:46 p.m.9 views

EUVD-2026-29204

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in the display tool and right-clicks a tile to invoke the Load / Update menu item. This vulnerabilit...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References1
CVE
CVE
added 2026/05/11 7:46 p.m.74 views

CVE-2026-42050

ImageMagick pre-7.1.2-21 and pre-6.9.13-46 is affected by a stack buffer overflow in XTileImage triggered when processing a malicious MIFF file in the display tool via the Load/Update tile action. Public sources consistently describe this as a stack buffer overflow vulnerability in XTileImage, po...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/11 6:31 p.m.11 views

EUVD-2025-209773

A reflected cross-site scripted XSS vulnerability in the dfm-menuorderopt.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

7.3CVSS6AI score0.00292EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/11 6:31 p.m.10 views

EUVD-2025-209770

A reflected cross-site scripted XSS vulnerability in the dfm-menualerts.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

7.3CVSS6AI score0.00292EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/11 6:31 p.m.8 views

EUVD-2025-209769

A reflected cross-site scripted XSS vulnerability in the acc-menubillings.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

6.1CVSS6AI score0.00236EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/11 6:31 p.m.9 views

EUVD-2025-209771

A reflected cross-site scripted XSS vulnerability in the acc-menupricess.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

7.3CVSS6AI score0.00292EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/11 6:31 p.m.11 views

EUVD-2025-209768

A reflected cross-site scripted XSS vulnerability in the dfm-menudepartments.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

6.1CVSS6AI score0.00236EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/11 6:31 p.m.9 views

EUVD-2025-209765

A reflected cross-site scripted XSS vulnerability in the dfm-menucoveragealerts.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable valu...

6.1CVSS6AI score0.00236EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/11 6:31 p.m.8 views

EUVD-2025-209766

A reflected cross-site scripted XSS vulnerability in the acc-menupapers.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

6.1CVSS6AI score0.00236EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/11 6:31 p.m.12 views

EUVD-2025-209763

A reflected cross-site scripted XSS vulnerability in the dfm-menufirmware.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

6.1CVSS6AI score0.00236EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/11 6:31 p.m.14 views

EUVD-2025-209767

A reflected cross-site scripted XSS vulnerability in the dfm-menumaintenance.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

6.1CVSS6AI score0.00236EPSS
Exploits0References4
NVD
NVD
added 2026/05/11 4:17 p.m.16 views

CVE-2025-61310

A reflected cross-site scripted XSS vulnerability in the acc-menubillings.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

6.1CVSS0.00236EPSS
Exploits0References3
NVD
NVD
added 2026/05/11 4:17 p.m.19 views

CVE-2025-61314

A reflected cross-site scripted XSS vulnerability in the dfm-menuorderopt.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

7.3CVSS0.00292EPSS
Exploits0References3
NVD
NVD
added 2026/05/11 4:17 p.m.12 views

CVE-2025-61308

A reflected cross-site scripted XSS vulnerability in the dfm-menumaintenance.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

6.1CVSS0.00236EPSS
Exploits0References3
NVD
NVD
added 2026/05/11 4:17 p.m.20 views

CVE-2025-61309

A reflected cross-site scripted XSS vulnerability in the dfm-menudepartments.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

6.1CVSS0.00236EPSS
Exploits0References3
NVD
NVD
added 2026/05/11 4:17 p.m.10 views

CVE-2025-61313

A reflected cross-site scripted XSS vulnerability in the dfm-menumarkeralerts.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

7.3CVSS0.00292EPSS
Exploits0References3
Rows per page
Query Builder