Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Veracode
Veracodeadded 2024/06/12 6:45 a.m.12 views

Cross Site Scripting (XSS)

getformwork/formwork is vulnerable to Cross Site Scripting XSS. The vulnerability is due to improper user input validation within meta.php, which allows an attacker to perform XSS...

4.8CVSS6.6AI score0.00721EPSS
Exploits1References4Affected Software1
OSV
OSVadded 2024/03/06 11:11 a.m.24 views

BIT-WORDPRESS-MULTISITE-2020-28039

isprotectedmeta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected...

9.1CVSS9.3AI score0.06686EPSS
Exploits0References9
Veracode
Veracodeadded 2020/11/03 8:28 a.m.31 views

Arbitrary File Deletion

wordpress is vulnerable to Arbitrary File Deletion. Insecure validation of the meta key protection in isprotectedmeta in wp-includes/meta.php allows an attacker to delete arbitrary files on the host...

9.1CVSS9.2AI score0.06686EPSS
Exploits0References12Affected Software3
CVE
CVEadded 2019/09/17 8:49 p.m.134 views

CVE-2019-16391

SPIP vulnerability CVE-2019-16391 affects SPIP 3.1.x and 3.2.x prior to fixed releases. The issue allows authenticated visitors to modify any published content and perform other database modifications via ecrire/inc/meta.php and ecrire/inc/securiser_action.php. Affected versions: SPIP before 3.1....

6.5CVSS6.4AI score0.00871EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVEadded 2019/09/17 8:49 p.m.17 views

CVE-2019-16391

SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrire/inc/securiseraction.php...

6.5CVSS7.5AI score0.00871EPSS
Exploits0
NVD
NVDadded 2006/06/12 8:6 p.m.9 views

CVE-2006-2951

Multiple cross-site scripting XSS vulnerabilities in Net Portal Dynamic System NPDS 5.10 and earlier allow remote attackers to inject arbitrary web script and HTML via the 1 Titlesitename or 2 sitename parameter to a header.php, 3 nukeurl parameter to b meta/meta.php, 4 forum parameter to c...

6.8CVSS5.8AI score0.06108EPSS
Exploits1References12
CVE
CVEadded 2006/06/12 8:0 p.m.40 views

CVE-2006-2951

CVE-2006-2951 concerns multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS)

6.8CVSS5.8AI score0.06108EPSS
Exploits1References12Affected Software1
Rows per page
Query Builder