Lucene search
K

24 matches found

ATTACKERKB
ATTACKERKB
added 2022/06/27 9:15 a.m.6 views

CVE-2022-1904

The Pricing Tables WordPress Plugin WordPress plugin before 3.2.1 does not sanitise and escape parameter before outputting it back in a page available to any user both authenticated and unauthenticated when a specific setting is enabled, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.4AI score0.01388EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 2022/06/27 9:15 a.m.5 views

CVE-2022-1593

The Site Offline or Coming Soon WordPress plugin through 1.6.6 does not have CSRF check in place when updating its settings, and it also lacking sanitisation as well as escaping in some of them. As a result, attackers could make a logged in admin change them and put Cross-Site Scripting payloads ...

6.1CVSS6.4AI score0.00739EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2016/05/16 12:0 a.m.43 views

Oracle Linux 6 : openssh (ELSA-2016-0741)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0741 advisory. - CVE-2016-3115: missing sanitisation of input for X11 forwarding 1317817 Tenable has extracted the preceding description block directly from the Oracl...

9.8CVSS6.6AI score0.37016EPSS
Exploits13References5
Oracle linux
Oracle linux
added 2016/04/03 12:0 a.m.98 views

openssh security update

4.3p2-82.0.2 - CVE-2015-5600: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices John Haxby orabug 22985024 - CVE-2016-3115: missing sanitisation of input for X11 forwarding John Haxby orabug 22985024...

8.5CVSS2.4AI score0.37016EPSS
Exploits14
Rows per page
Query Builder