Lucene search
K

513 matches found

Cvelist
Cvelist
added 2025/08/08 1:32 a.m.13 views

CVE-2025-8706 Wanzhou WOES Intelligent Optimization Energy Saving System Energy Overview Module CreateFunctionLog sql injection

A vulnerability has been found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /CommonSolution/CreateFunctionLog of the component Energy Overview Module. The manipulation of the...

6.5CVSS0.00332EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/08/08 1:32 a.m.6 views

CVE-2025-8706 Wanzhou WOES Intelligent Optimization Energy Saving System Energy Overview Module CreateFunctionLog sql injection

A vulnerability has been found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /CommonSolution/CreateFunctionLog of the component Energy Overview Module. The manipulation of the...

6.5CVSS6.7AI score0.00332EPSS
Exploits1References4
OSV
OSV
added 2025/08/08 1:15 a.m.3 views

CVE-2025-8705

A vulnerability, which was classified as critical, was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. Affected is an unknown function of the file /WEASHomePage/GetTargetConfig of the component Energy Overview Module. The manipulation of the argument BPProID leads to sql...

8.8CVSS5.7AI score0.00332EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/08/08 1:2 a.m.10 views

CVE-2025-8705 Wanzhou WOES Intelligent Optimization Energy Saving System Energy Overview Module GetTargetConfig sql injection

A vulnerability, which was classified as critical, was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. Affected is an unknown function of the file /WEASHomePage/GetTargetConfig of the component Energy Overview Module. The manipulation of the argument BPProID leads to sql...

6.5CVSS0.00332EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/08/08 1:2 a.m.4 views

CVE-2025-8705 Wanzhou WOES Intelligent Optimization Energy Saving System Energy Overview Module GetTargetConfig sql injection

A vulnerability, which was classified as critical, was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. Affected is an unknown function of the file /WEASHomePage/GetTargetConfig of the component Energy Overview Module. The manipulation of the argument BPProID leads to sql...

6.5CVSS6.7AI score0.00332EPSS
Exploits1References4
CVE
CVE
added 2025/08/08 1:2 a.m.24 views

CVE-2025-8705

The CVE-2025-8705 affects Wanzhou WOES Intelligent Optimization Energy Saving System 1.0, specifically the Energy Overview Module’s API at /WEAS_HomePage/GetTargetConfig. The vulnerability arises from unsafely handling the BP_ProID parameter, enabling SQL injection that can be executed remotely. ...

8.8CVSS6.8AI score0.00332EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/07/31 7:41 p.m.1 views

MINI-R87V-G2H3-PG64

Bulletin has no description...

8.6CVSS7.2AI score0.00273EPSS
Exploits0
OSV
OSV
added 2025/07/07 7:54 p.m.5 views

CVE-2025-53543 Kestra allows Stored XSS before 0.22

Kestra is an event-driven orchestration platform. The error message in execution "Overview" tab is vulnerable to stored XSS due to improper handling of HTTP response received. This vulnerability is fixed in 0.22.0...

4.2CVSS6.4AI score0.00151EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/07 12:0 a.m.5 views

kestra 跨站脚本漏洞

kestra is a workflow automation platform from Kestra open source. A cross-site scripting vulnerability exists in versions prior to kestra 0.22.0 that stems from improper handling of an error message in the Execution Overview tab and could lead to a stored cross-site scripting attack...

4.2CVSS5.8AI score0.00151EPSS
Exploits0References2
OSV
OSV
added 2025/06/23 9:21 p.m.2 views

GHSA-HWPG-X5HW-VPV9 ChangeDetection.io XSS in watch overview

Impact XSS - Errors in filters from website page change detection watches were not being filtered. Patches 0.50.4...

7CVSS7.2AI score0.00521EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2025/06/22 12:0 a.m.15 views

A Survey of Foundation Models for IoT: Taxonomy and Criteria-Based Analysis

Foundation models have gained growing interest in the IoT domain due to their reduced reliance on labeled data and strong generalizability across tasks, which address key limitations of traditional machine learning approaches. However, most existing foundation model based methods are developed fo...

6.9AI score
Exploits0
OSV
OSV
added 2025/06/17 11:22 a.m.3 views

CGA-F2CV-9C8W-HFJC

Bulletin has no description...

6.8CVSS7.2AI score0.0056EPSS
Exploits0
OSV
OSV
added 2025/06/13 9:0 p.m.1 views

MAL-2025-5056 Malicious code in requests-json-overview (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8009e6f4e6416f898819130b2befd315297272af6764740f522acfd719576a0c Any computer that has this package installed or running should be considered...

7AI score
Exploits0References1
HackRead
HackRead
added 2025/06/04 10:49 a.m.5 views

Photoshop for Beginners – Overview of Top Skills and How to Hone Them

What comes to your mind when you think of Photoshop? A tool for editing and retouching photos -…...

7.3AI score
Exploits0
OSV
OSV
added 2025/05/31 5:57 a.m.8 views

BIT-MOODLE-2024-34000 moodle: stored XSS in lesson overview report via user ID number

ID numbers displayed in the lesson overview report required additional sanitizing to prevent a stored XSS risk...

4.3CVSS5.6AI score0.00494EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.7 views

The vulnerability of the GetOverview method in the software for managing and monitoring remote devices in telemetry and telemechanics systems, as well as in the TeleControl Server Basic, allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the GetOverview method in the software for managing and monitoring remote devices in telemetry and telemechanics systems, such as the TeleControl Server Basic, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a...

9CVSS6.1AI score0.00594EPSS
Exploits0References3Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/23 1:41 a.m.4 views

Malicious code in fc-card-overview (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 52e92e70129fc8f9de1f5052d516f6fd499edcfc902e3f08c68db8c3ea792448 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 12:15 a.m.16 views

CVE-2022-45017

A cross-site scripting XSS vulnerability in the Overview Page settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Loop field...

4.8CVSS5.7AI score0.00537EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:43 p.m.3 views

CVE-2021-39413

Multiple Cross Site Scripting XSS vulnerabilities exits in SEO Panel v4.8.0 via the 1 totime parameter in a backlinks.php, b analytics.php, c log.php, d overview.php, e pagespeed.php, f rank.php, g review.php, h saturationchecker.php, i socialmedia.php, and j reports.php; the 2 fromtime parameter...

6.1CVSS6.4AI score0.0081EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:27 a.m.20 views

CVE-2012-2975

Cross-site scripting XSS vulnerability in the traffic overview page on the F5 ASM appliance 10.0.0 through 11.2.0 HF2 allows remote attackers to inject arbitrary web script or HTML via crafted requests that are later listed on a summary page...

4.3CVSS5.8AI score0.01513EPSS
Exploits1References1
Rows per page
Query Builder