Lucene search
K

7660 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 7:27 a.m.4 views

Malicious code in zcli-monorepo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0f985abbb6312ed73fdb0530b9d318e7f6231b64924bd534acce93774e72a5e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 5:15 a.m.2 views

CVE-2017-20059

A vulnerability, which was classified as problematic, has been found in Elefant CMS 1.3.12-RC. Affected by this issue is some unknown functionality of the component Title Handler. The manipulation with the input leads to basic cross site scripting Persistent. The attack may be launched remotely...

5.4CVSS4.5AI score0.00474EPSS
Exploits0References2
OSV
OSV
added 2022/06/20 5:15 a.m.4 views

CVE-2017-20057

A vulnerability classified as problematic has been found in Elefant CMS 1.3.12-RC. Affected is an unknown function. The manipulation of the argument username leads to basic cross site scripting Persistent. It is possible to launch the attack remotely. Upgrading to version 1.3.13 is able to addres...

6.1CVSS4.5AI score
Exploits0References2
NVD
NVD
added 2022/06/20 5:15 a.m.9 views

CVE-2017-20060

A vulnerability, which was classified as problematic, was found in Elefant CMS 1.3.12-RC. This affects an unknown part of the component Blog Post Handler. The manipulation leads to basic cross site scripting Persistent. It is possible to initiate the attack remotely. Upgrading to version 1.3.13 i...

5.4CVSS0.00474EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/06/20 4:50 a.m.17 views

CVE-2017-20059 Elefant CMS Title Persistent cross site scriting

A vulnerability, which was classified as problematic, has been found in Elefant CMS 1.3.12-RC. Affected by this issue is some unknown functionality of the component Title Handler. The manipulation with the input leads to basic cross site scripting Persistent. The attack may be launched remotely...

3.5CVSS5.3AI score0.00474EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/06/20 4:50 a.m.5 views

CVE-2017-20059 Elefant CMS Title Persistent cross site scriting

A vulnerability, which was classified as problematic, has been found in Elefant CMS 1.3.12-RC. Affected by this issue is some unknown functionality of the component Title Handler. The manipulation with the input leads to basic cross site scripting Persistent. The attack may be launched remotely...

3.5CVSS5.5AI score0.00474EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/06/20 4:50 a.m.9 views

CVE-2017-20058 Elefant CMS Version Comparison Persistent cross site scriting

A vulnerability classified as problematic was found in Elefant CMS 1.3.12-RC. Affected by this vulnerability is an unknown functionality of the component Version Comparison. The manipulation leads to basic cross site scripting Persistent. The attack can be launched remotely. Upgrading to version...

4.3CVSS6.3AI score0.00709EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/06/20 4:50 a.m.20 views

CVE-2017-20058 Elefant CMS Version Comparison Persistent cross site scriting

A vulnerability classified as problematic was found in Elefant CMS 1.3.12-RC. Affected by this vulnerability is an unknown functionality of the component Version Comparison. The manipulation leads to basic cross site scripting Persistent. The attack can be launched remotely. Upgrading to version...

4.3CVSS6.1AI score0.00709EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/06/20 4:50 a.m.4 views

CVE-2017-20057 Elefant CMS Persistent cross site scriting

A vulnerability classified as problematic has been found in Elefant CMS 1.3.12-RC. Affected is an unknown function. The manipulation of the argument username leads to basic cross site scripting Persistent. It is possible to launch the attack remotely. Upgrading to version 1.3.13 is able to addres...

4.3CVSS6.3AI score0.0054EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/06/20 4:50 a.m.15 views

CVE-2017-20057 Elefant CMS Persistent cross site scriting

A vulnerability classified as problematic has been found in Elefant CMS 1.3.12-RC. Affected is an unknown function. The manipulation of the argument username leads to basic cross site scripting Persistent. It is possible to launch the attack remotely. Upgrading to version 1.3.13 is able to addres...

4.3CVSS6.2AI score0.0054EPSS
Exploits0References2
OSV
OSV
added 2022/06/15 4:15 p.m.3 views

CVE-2022-29438

Authenticated author or higher user role Persistent Cross-Site Scripting XSS vulnerability in Image Slider by NextCode plugin = 1.1.2 at WordPress...

4.8CVSS5.8AI score0.00506EPSS
Exploits0References2
CVE
CVE
added 2022/06/15 3:14 p.m.74 views

CVE-2022-29438

CVE-2022-29438 affects the WordPress plugin Image Slider by NextCode (versions

4.8CVSS4.9AI score0.00506EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/06/15 12:0 a.m.42 views

SUSE SLES15 Security Update : 389-ds (SUSE-SU-2022:2081-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2081-1 advisory. - A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send ...

7.5CVSS7.1AI score0.01983EPSS
Exploits0References7
NVD
NVD
added 2022/06/14 1:15 p.m.16 views

CVE-2021-40678

In Piwigo 11.5.0, there exists a persistent cross-site scripting in the single mode function through /admin.php?page=batchmanager&mode=unit...

5.4CVSS0.00474EPSS
Exploits1References1
CVE
CVE
added 2022/06/14 12:16 p.m.63 views

CVE-2021-40678

CVE-2021-40678 concerns Piwigo 11.5.0, where a persistent cross-site scripting (XSS) vulnerability exists in the single mode function via the URL path /admin.php?page=batch_manager&mode=unit. The connected documents consistently describe it as a client-side JavaScript execution risk reachable thr...

5.4CVSS5.2AI score0.00474EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/06/13 6:50 a.m.20 views

CVE-2017-20043 Navetti PricePoint Persistent cross site scriting

A vulnerability was found in Navetti PricePoint 4.6.0.0 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting Persistent. The attack may be launched remotely. Upgrading to version 4.7.0.0 is able to address this...

4.3CVSS5.3AI score0.0054EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/06/13 6:50 a.m.5 views

CVE-2017-20043 Navetti PricePoint Persistent cross site scriting

A vulnerability was found in Navetti PricePoint 4.6.0.0 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting Persistent. The attack may be launched remotely. Upgrading to version 4.7.0.0 is able to address this...

4.3CVSS5.5AI score0.0054EPSS
Exploits1References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/13 5:48 a.m.3 views

Malicious code in dashboard-modules (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2616bed5786e244ce809de0caa8e23eb8d4725566cdad7f1d4d8f5f85a5f9286 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OpenVAS
OpenVAS
added 2022/06/13 12:0 a.m.17 views

phpList <= 3.2.6 Multiple Vulnerabilities

phpList is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phplist:phplist"; if description...

9.8CVSS5.2AI score0.20442EPSS
Exploits8References2
OSV
OSV
added 2022/06/12 8:15 a.m.1 views

CVE-2018-25039

A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been declared as problematic. This vulnerability affects unknown code of the file /goform/RgUrlBlock.asp. The manipulation of the argument BasicParentalNewKeyword with the input alert1 as part of POST Request leads to cross site...

5.4CVSS4.4AI score0.00509EPSS
Exploits1References2
Rows per page
Query Builder