Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

RedhatCVE
RedhatCVEadded 2025/05/22 11:40 p.m.3 views

CVE-2022-40841

A cross-site scripting XSS vulnerability in NdkAdvancedCustomizationFields v3.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payloads injected into the "htmlNodes" parameter...

6.1CVSS5.7AI score0.00287EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 11:36 p.m.3 views

CVE-2022-40842

ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery SSRF via rotateimg.php...

9.1CVSS9.2AI score0.00711EPSS
Exploits1References1
OSV
OSVadded 2022/11/22 1:15 a.m.1 views

CVE-2022-40842

ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery SSRF via rotateimg.php...

9.1CVSS5.8AI score0.00711EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2022/11/22 12:0 a.m.2 views

PT-2022-25573 · Ndk Design · Ndkadvancedcustomizationfields

Name of the Vulnerable Software and Affected Versions: ndk design NdkAdvancedCustomizationFields version 3.5.0 Description: The issue is related to Server-side request forgery SSRF via the rotateimg.php file. This allows for potential unauthorized access to internal resources. Recommendations: Fo...

9.1CVSS9.1AI score0.00711EPSS
Exploits1References5
CNNVD
CNNVDadded 2022/11/22 12:0 a.m.1 views

NdkAdvancedCustomizationFields 代码问题漏洞

NdkAdvancedCustomizationFields is an advanced customization field from Ndk. A server-side request forgery vulnerability exists in NdkAdvancedCustomizationFields 3.5.0 and prior versions, which stems from rotateimg.php failing to properly validate user input. An attacker could use this vulnerabili...

9.1CVSS6.8AI score0.00711EPSS
Exploits1References3
OSV
OSVadded 2022/11/02 1:15 p.m.2 views

CVE-2022-40840

ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Cross Site Scripting XSS via createPdf.php...

6.1CVSS5.8AI score0.00303EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2022/11/02 12:0 a.m.3 views

PT-2022-25571 · Unknown · Ndkadvancedcustomizationfields

Name of the Vulnerable Software and Affected Versions: NdkAdvancedCustomizationFields version 3.5.0 Description: The issue concerns a Cross Site Scripting XSS problem. It can be exploited via the createPdf.php endpoint. Recommendations: For version 3.5.0, update to a newer version that contains a...

6.1CVSS6AI score0.00303EPSS
Exploits1References3
OSV
OSVadded 2022/11/01 5:15 p.m.3 views

CVE-2022-40839

A SQL injection vulnerability in the height and width parameter in NdkAdvancedCustomizationFields v3.5.0 allows unauthenticated attackers to exfiltrate database data...

7.5CVSS5.8AI score0.02334EPSS
Exploits1References3
CNNVD
CNNVDadded 2022/11/01 12:0 a.m.2 views

NdkAdvancedCustomizationFields SQL注入漏洞

NdkAdvancedCustomizationFields is an advanced customization field from Ndk. A security vulnerability exists in NdkAdvancedCustomizationFields version v3.5.0, which stems from a SQL injection vulnerability in the height and width parameters, allowing an unauthenticated attacker to steal database...

7.5CVSS7.5AI score0.02334EPSS
Exploits1References4
Rows per page
Query Builder