Lucene search
K

2155 matches found

Positive Technologies
Positive Technologies
added 2023/03/07 12:0 a.m.6 views

PT-2023-20810 · Ecshop · Ecshop

Name of the Vulnerable Software and Affected Versions: EcShop version 4.1.5 Description: An arbitrary file upload issue in the /admin/template.php component allows attackers to execute arbitrary code via a crafted PHP file. Recommendations: For EcShop version 4.1.5, consider disabling the...

7.4AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/03/06 12:0 a.m.4 views

PT-2023-19757 · Pmb · Pmb

Name of the Vulnerable Software and Affected Versions: PMB version 7.4.6 Description: A reflected cross-site scripting XSS issue was found in PMB via the query parameter at "/admin/convert/export z3950 new.php". This allows for potential XSS attacks. Recommendations: For PMB version 7.4.6, consid...

6.1CVSS6AI score0.01169EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/02/28 12:0 a.m.5 views

PT-2023-20057 · Unknown · Online Reviewer Management System

Name of the Vulnerable Software and Affected Versions: Online Reviewer Management System version 1.0 Description: An issue was discovered in the Online Reviewer Management System, where there is a XSS vulnerability. This vulnerability can be exploited via the reviewer...

4.8CVSS4.7AI score0.00457EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/02/27 12:0 a.m.6 views

PT-2023-21045 · Unknown · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost affected versions not specified Description: The issue concerns the /api/v4/users/me/teams API endpoint, where Mattermost fails to honor the ShowEmailAddress setting. This allows an attacker with team admin privileges to obtain the...

2.7CVSS3.3AI score0.00526EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/02/26 12:0 a.m.6 views

PT-2023-16717 · Techpowerup · Techpowerup Ryzen Dram Calculator

Name of the Vulnerable Software and Affected Versions: TechPowerUp Ryzen DRAM Calculator version 1.2.0.5 Description: A critical issue has been found in the library WinRing0x64.sys, affecting some unknown processing. The manipulation leads to improper initialization, requiring local access to...

7.8CVSS6.9AI score0.00572EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2023/02/24 12:0 a.m.4 views

PT-2023-16686 · Vox2Png · Vox2Png

Name of the Vulnerable Software and Affected Versions: vox2png version 1.0 Description: A critical vulnerability was found in vox2png, affecting an unknown functionality of the file vox2png.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit ha...

5.5CVSS7.2AI score0.0037EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2023/02/23 12:0 a.m.3 views

PT-2023-16669 · Sourcecodester · Sourcecodester Online Pizza Ordering System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Pizza Ordering System version 1.0 Description: A problematic issue has been found in the processing of the file "admin/ajax.php?action=save user", leading to cross-site request forgery. The attack can be initiated...

8.8CVSS4.9AI score0.00465EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/02/20 12:0 a.m.4 views

PT-2023-5754 · Watchguard +1 · Watchguard Epdr +1

Name of the Vulnerable Software and Affected Versions: WatchGuard EPDR version 8.0.21.0002 Description: The issue is related to insufficient access control in the Protection Agent component of WatchGuard Endpoint Protection, Detection and Response EPDR and Panda Adaptive Defense 360 Panda AD360...

7.8CVSS7.1AI score0.00148EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/02/19 12:0 a.m.6 views

PT-2023-20924 · Tenda · Tenda V15

Name of the Vulnerable Software and Affected Versions: Tenda V15 version V1.0 Description: A buffer overflow issue was discovered via the gotoUrl parameter in the formPortalAuth function, allowing attackers to cause a Denial of Service DoS via a crafted request. Recommendations: For Tenda V15...

7.8CVSS7.3AI score0.00896EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/02/18 12:0 a.m.8 views

PT-2023-16612 · Sourcecodester · Sourcecodester Online Pizza Ordering System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Pizza Ordering System version 1.0 Description: A critical issue has been found in the GET Parameter Handler component of the view prod.php file, where the manipulation of the ID argument leads to sql injection. This issu...

9.8CVSS7.5AI score0.00473EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/02/17 12:0 a.m.7 views

PT-2023-16590 · Phjounin · Tftpd64-Se

Name of the Vulnerable Software and Affected Versions: phjounin TFTPD64-SE version 4.64 Description: A critical issue affects the processing of the file tftpd64 svc.exe, leading to an unquoted search path. The manipulation can be exploited locally, with a rather high complexity of attack and...

7.8CVSS7AI score0.00197EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/02/12 12:0 a.m.6 views

PT-2023-16525 · Sourcecodester · Sourcecodester Best Online News Portal

Name of the Vulnerable Software and Affected Versions: SourceCodester Best Online News Portal version 1.0 Description: A critical issue has been found in the Login Page component, where the manipulation of the username argument leads to SQL injection. This can be exploited remotely...

9.8CVSS8.4AI score0.00812EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/02/10 12:0 a.m.4 views

PT-2025-6093 · Tenda · Tenda W18E

Name of the Vulnerable Software and Affected Versions: Tenda W18E version V16.01.0.81625 Description: A stack overflow vulnerability in the Tenda W18E web management portal allows an authenticated remote attacker to cause a denial of service or potentially execute arbitrary code. This issue occur...

8CVSS8.4AI score0.00833EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2023/02/06 12:0 a.m.6 views

PT-2023-2478 · Aten · Aten Pe8108

Name of the Vulnerable Software and Affected Versions: Aten PE8108 version 2.4.232 Description: The issue is related to insufficient protection of registration data in the web interface of the Aten PE8108 power distribution unit PDU software. This allows for unauthenticated access to Telnet and...

7.8CVSS7.6AI score0.00697EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/02/02 12:0 a.m.5 views

PT-2023-1349 · Delta Electronics · Diascreen

Name of the Vulnerable Software and Affected Versions: Delta Electronics DIAScreen versions 1.2.1.23 and prior Description: The issue is related to a buffer overflow in memory due to improper restrictions of operations. This could allow an attacker to remotely execute arbitrary code...

7.8CVSS7.8AI score0.00296EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/01/28 12:0 a.m.5 views

PT-2023-16366 · Unknown · Phpgurukul Bank Locker Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Bank Locker Management System version 1.0 Description: A critical issue affects the Login component of the PHPGurukul Bank Locker Management System, specifically the file index.php. The manipulation of the username argument leads t...

9.8CVSS8AI score0.44268EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2023/01/25 12:0 a.m.6 views

PT-2023-14377 · Ibm · Ibm Business Automation Workflow

Name of the Vulnerable Software and Affected Versions: IBM Business Automation Workflow version 22.0.2 Description: The issue allows a remote attacker to traverse directories on the system by sending a specially crafted URL request containing dot dot sequences /../ to view arbitrary files on the...

7.5CVSS7.4AI score0.01966EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/01/24 12:0 a.m.4 views

PT-2023-12788 · Puppet · Puppet-Facter

Name of the Vulnerable Software and Affected Versions: puppet-facter versions all Description: The issue is related to Command Injection via the getFact function due to improper input sanitization. This allows for potential exploitation. No information is provided about the estimated number of...

7.8CVSS7.5AI score0.01219EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2023/01/23 12:0 a.m.4 views

PT-2023-15119 · Sonic · Sonic

Name of the Vulnerable Software and Affected Versions: Sonic version 1.0.4 Description: The issue allows attackers to execute a directory traversal in the component /admin/backups/work-dir. This enables attackers to access files or directories outside the intended directory structure...

4.3CVSS6.9AI score0.0077EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2023/01/23 12:0 a.m.6 views

PT-2023-13550 · Unknown · Jetnexus/Edgenexus Adc

Name of the Vulnerable Software and Affected Versions: JetNexus/EdgeNexus ADC version 4.2.8 Description: The management portal component of the software contains a command injection issue, allowing authenticated attackers to execute arbitrary commands through a specially crafted payload. This iss...

8.8CVSS9.1AI score0.03546EPSS
Exploits1References4
Rows per page
Query Builder