Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/04/15 12:1 a.m.2 views

CVE-2026-40104 XWiki's REST APIs can list all pages/spaces, leading to unavailability

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Versions 1.8-rc-1, 17.0.0-rc-1 and 17.5.0-rc-1 and prior include a resource exhaustion vulnerability in REST API endpoints such as...

6.9CVSS5.7AI score0.00405EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/06/30 12:0 a.m.6 views

The vulnerability in the virtual training environment Moodle, related to insufficient data cleaning, allows a malicious user to execute arbitrary SQL queries in the database.

The vulnerability in the virtual training environment Moodle is related to insufficient cleaning of data provided by users in the external Wiki method for listing pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries in the database...

7.5CVSS6.7AI score0.01142EPSS
Exploits0References4Affected Software2
CNNVD
CNNVD
added 2022/11/18 12:0 a.m.3 views

Karmasis Infraskope Agent 访问控制错误漏洞

Karmasis Infraskope Agent is an application logger from Karmasis. An Access Control Error vulnerability exists in Karmasis Infraskope Agent versions prior to 7.10.00, which stems from improper access control in the application and can be exploited by an attacker to corrupt the page listing the...

7.5CVSS6.8AI score0.00568EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2020/05/11 8:12 p.m.1 views

cxf: reflected XSS in the services listing page

By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting XSS attack, which allows a malicious actor to inject javascript into the web page. Please note that the attack exploit...

6.1CVSS7.2AI score0.07055EPSS
Exploits0References4
Rows per page
Query Builder