Lucene search
K

54816 matches found

OSV
OSV
added 2025/12/15 4:15 p.m.3 views

CVE-2024-44598

FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module...

8.8CVSS5.8AI score0.0035EPSS
Exploits0References2
NVD
NVD
added 2025/12/15 4:15 p.m.6 views

CVE-2024-44598

FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module...

8.8CVSS0.0035EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/15 12:0 a.m.4 views

PT-2025-51336

Name of the Vulnerable Software and Affected Versions CTCMS Content Management System versions up to 2.1.2 Description A weakness exists in CTCMS Content Management System up to version 2.1.2. This issue affects an unknown function within the /ctcms/apps/libraries/CT Parser.php library of the...

7.2CVSS6.1AI score0.00378EPSS
Exploits1References10
CVE
CVE
added 2025/12/15 12:0 a.m.11 views

CVE-2024-44598

CVE-2024-44598 concerns FNT Command 13.4.0, which is reported as vulnerable to code execution via the C Base Module . The available sources consistently describe a code execution flaw in this module, but do not provide explicit technical details about the vulnerable component, affected versions b...

8.8CVSS6.9AI score0.0035EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/15 12:0 a.m.2 views

PT-2025-51247

FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module...

8.8CVSS7.3AI score0.0035EPSS
Exploits0References3
CNVD
CNVD
added 2025/12/15 12:0 a.m.3 views

Rockwell Automation 432ES-IG3 Series A Denial of Service Vulnerability

The Rockwell Automation 432ES-IG3 Series A is a safety I/O module from Rockwell Automation. A denial of service vulnerability exists in the Rockwell Automation 432ES-IG3 Series A, which can be exploited by an attacker to cause a denial of service...

8.7CVSS5.9AI score0.00314EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/15 12:0 a.m.2 views

CVE-2024-44598

FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module...

6.9AI score0.0035EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/15 12:0 a.m.6 views

PT-2025-51319

Name of the Vulnerable Software and Affected Versions CTCMS Content Management System versions up to 2.1.2 Description A code injection issue exists in CTCMS Content Management System. The issue is located in the Save function within the /ctcms/libs/Ct App.php file of the Backend App Configuratio...

7.2CVSS5AI score0.00386EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/12/15 12:0 a.m.6 views

PT-2025-51261

Name of the Vulnerable Software and Affected Versions Frappe ERPNext versions through 15.89.0 Description A SQL injection issue exists in Frappe ERPNext. The get outstanding reference documents function within the erpnext/accounts/doctype/payment entry/payment entry.py file is susceptible to...

9.8CVSS7.5AI score0.00325EPSS
Exploits1References8
CNNVD
CNNVD
added 2025/12/15 12:0 a.m.6 views

FNT Command 安全漏洞

FNT Command is a data center infrastructure management platform from FNT Germany. A security vulnerability exists in FNT Command version 13.4.0, which stems from a code execution vulnerability in the C Base Module...

8.8CVSS7.5AI score0.0035EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/15 12:0 a.m.22 views

CVE-2024-44598

FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module...

0.0035EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/13 8:2 p.m.4 views

CVE-2024-58305

WonderCMS 4.3.2 contains a cross-site scripting vulnerability that allows attackers to inject malicious JavaScript through the module installation endpoint. Attackers can craft a specially designed XSS payload to install a reverse shell module and execute remote commands by tricking an...

8.8CVSS6.1AI score0.00366EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/13 6:30 p.m.5 views

EUVD-2025-203253

ShineLan-X contains a stored cross site scripting XSS vulnerability in the local configuration web server. The JavaScript code snippet can be inserted in the communication module’s settings center. This may allow attackers to force a legitimate user’s browser’s JavaScript engine to run malicious...

8.4CVSS5.2AI score0.00132EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/13 6:30 p.m.6 views

EUVD-2025-203224

The Extensive VC Addons for WPBakery page builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9.1 via the extensivevcgetmoduletemplatepart function. This is due to insufficient path normalization and validation of the user-supplied...

8.1CVSS6.6AI score0.00533EPSS
Exploits0References8
NVD
NVD
added 2025/12/13 4:16 p.m.5 views

CVE-2025-36748

ShineLan-X contains a stored cross site scripting XSS vulnerability in the local configuration web server. The JavaScript code snippet can be inserted in the communication module’s settings center. This may allow attackers to force a legitimate user’s browser’s JavaScript engine to run malicious...

8.4CVSS0.00132EPSS
Exploits0References1
Veracode
Veracode
added 2025/12/13 7:24 a.m.11 views

Arbitrary File Write

fontTools is vulnerable to an arbitrary file write. The vulnerability is due to improper handling of malicious .designspace files in the fontTools.varLib module, which allows an attacker to achieve remote code execution by writing arbitrary files when processed...

9.8CVSS7.5AI score0.00496EPSS
Exploits9References3Affected Software1
GithubExploit
GithubExploit
added 2025/12/13 4:50 a.m.160 views

Exploit for CVE-2025-66947

CVE-2025-66947 SQL Injection in krishanmuraiji SMS v1.0 CVE-2...

8.5AI score0.00259EPSS
Exploits2
Veracode
Veracode
added 2025/12/13 4:44 a.m.5 views

Path Traversal

cn.dreampie:resty is vulnerable to Path Traversal. The vulnerability is due to improper validation of the filename parameter in the HttpClient module, which allows an attacker to manipulate file paths and access unauthorized files on the system...

8.1CVSS5.8AI score0.00644EPSS
Exploits1References6Affected Software1
Veracode
Veracode
added 2025/12/13 4:43 a.m.8 views

Server-Side Template Injection (SSTI)

net.mingsoft, ms-mcms is vulnerable to Server-Side Template Injection SSTI. The vulnerability is due to improper handling of user-supplied input in the Template Management module, which allows an attacker to inject and execute arbitrary template code on the server...

9.1CVSS7.7AI score0.02731EPSS
Exploits1References2Affected Software1
Veracode
Veracode
added 2025/12/13 4:33 a.m.14 views

Arbitrary File Upload

ms-mcms is vulnerable to Arbitrary File Upload. The vulnerability is due to insufficient validation of uploaded ZIP files in the New Template module, allowing attackers to upload crafted files that can be executed on the server, leading to arbitrary code execution...

9.8CVSS7.5AI score0.02576EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder