Lucene search
+L

1775 matches found

osv
osv
added 2026/03/13 10:46 a.m.3 views

MINI-VCH6-P5X8-GR6X

Bulletin has no description...

6.1CVSS5.7AI score0.00328EPSS
Exploits0
euvd
euvd
added 2026/03/12 6:30 p.m.9 views

EUVD-2019-19806

XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to bypass authentication, extract sensitive data...

8.8CVSS5.9AI score0.00393EPSS
Exploits1References3
euvd
euvd
added 2026/03/12 6:30 p.m.3 views

EUVD-2019-19778

XooDigital Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to extract sensitive database information...

8.8CVSS5.9AI score0.00306EPSS
Exploits0References3
nvd
nvd
added 2026/03/12 4:16 p.m.4 views

CVE-2019-25509

XooDigital Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to extract sensitive database information...

8.8CVSS0.00306EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/03/12 3:36 p.m.2 views

CVE-2019-25524 XooGallery Lastest Latest SQL Injection via results.php

XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to bypass authentication, extract sensitive data...

8.8CVSS5.9AI score0.00393EPSS
Exploits1References2
cvelist
cvelist
added 2026/03/12 3:36 p.m.27 views

CVE-2019-25524 XooGallery Lastest Latest SQL Injection via results.php

XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to bypass authentication, extract sensitive data...

8.8CVSS0.00393EPSS
Exploits1References2
attackerkb
attackerkb
added 2026/03/12 3:36 p.m.8 views

CVE-2019-25524

XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to bypass authentication, extract sensitive data...

8.8CVSS5.9AI score0.00393EPSS
Exploits1References2
attackerkb
attackerkb
added 2026/03/12 3:36 p.m.2 views

CVE-2019-25509

XooDigital Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to extract sensitive database information...

8.8CVSS5.9AI score0.00306EPSS
Exploits0References2
cvelist
cvelist
added 2026/03/12 3:36 p.m.22 views

CVE-2019-25509 XooDigital Lastest Latest SQL Injection via results.php

XooDigital Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to extract sensitive database information...

8.8CVSS0.00306EPSS
Exploits0References2
cve
cve
added 2026/03/12 3:36 p.m.14 views

CVE-2019-25509

CVE-2019-25509 affects XooDigital Latest, where an SQL injection vulnerability in the results.php endpoint allows unauthenticated attackers to inject SQL via the 'p' parameter and manipulate database queries to extract sensitive information. All documented details describe the vulnerability as un...

8.8CVSS5.9AI score0.00306EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/03/12 12:0 a.m.6 views

Xooscripts XooDigital SQL注入漏洞

Xooscripts XooDigital is a software developed by the Xooscripts company. Xooscripts XooDigital has a SQL injection vulnerability; this vulnerability stems from the p parameter being susceptible to SQL injections, which may allow unauthenticated attackers to manipulate database queries and extract...

8.8CVSS5.8AI score0.00306EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/03/12 12:0 a.m.7 views

PT-2026-24969

XooDigital Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to extract sensitive database information...

8.8CVSS5.9AI score0.00306EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/03/12 12:0 a.m.6 views

PT-2026-24984

XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to bypass authentication, extract sensitive data...

8.8CVSS5.9AI score0.00393EPSS
Exploits1References3
patchstack
patchstack
added 2026/03/10 12:16 p.m.6 views

WordPress News Magazine X theme <= 1.2.50 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by John P in WordPress Theme News Magazine X versions = 1.2.50...

7.5CVSS5.8AI score0.00278EPSS
Exploits0Affected Software1
snyk
snyk
added 2026/03/07 1:59 a.m.1 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the ValidateStdioConfig process. An attacker can execute arbitrary commands with application privileges by bypassing argument validation using the -p flag in npx node. This allows full system compromise through...

9.9CVSS6AI score0.02054EPSS
Exploits1References2
amazon
amazon
added 2026/03/06 12:0 a.m.12 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTMTTFLAGPRIVPOPULATED CVE-2022-50390 In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in...

7.8CVSS6.5AI score0.00199EPSS
Exploits0
nvd
nvd
added 2026/03/05 6:16 a.m.5 views

CVE-2026-28075

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in p-themes Porto porto allows Reflected XSS.This issue affects Porto: from n/a through = 7.6.2...

7.1CVSS0.0018EPSS
Exploits0References1
osv
osv
added 2026/02/19 3:57 p.m.3 views

SUSE-SU-2026:20496-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. - CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow ...

7.8CVSS6.6AI score0.00338EPSS
Exploits1References140
osv
osv
added 2026/02/04 1:59 p.m.9 views

CLSA-2026-1770213583 Update of microcode_ctl

Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000410; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000650; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...

5.7AI score
Exploits0References1
attackerkb
attackerkb
added 2026/02/03 2:54 p.m.8 views

CVE-2026-1814

Rapid7 Nexpose versions 6.4.50 and later are vulnerable to an insufficient entropy issue in the CredentialsKeyStorePassword.generateRandomPassword method. When updating legacy keystore passwords, the application generates a new password with insufficient length 7-12 characters and a static prefix...

6.8CVSS5.5AI score0.00145EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder