Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-45845

Malicious code in bioql PyPI...

6.5CVSS8.6AI score0.00231EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:38 a.m.5 views

CVE-2024-52340

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MartyThornley Photographer Connections photographer-connections allows Stored XSS.This issue affects Photographer Connections: from n/a through = 1.3.1...

6.5CVSS7.2AI score0.00231EPSS
Exploits0References1
NVD
NVD
added 2024/11/18 11:15 p.m.22 views

CVE-2024-52340

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MartyThornley Photographer Connections photographer-connections allows Stored XSS.This issue affects Photographer Connections: from n/a through = 1.3.1...

6.5CVSS0.00231EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/18 10:14 p.m.8 views

CVE-2024-52340 WordPress Photographer Connections plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Marty Thornley Photographer Connections allows Stored XSS.This issue affects Photographer Connections: from n/a through 1.3.1...

6.5CVSS6.8AI score0.00231EPSS
Exploits0References1
CVE
CVE
added 2024/11/18 10:14 p.m.53 views

CVE-2024-52340

CVE-2024-52340 – Photographer Connections (WordPress plugin) Description: An improper input handling flaw in Photographer Connections (Marty Thornley) allows Stored XSS via web page generation. Affected: WordPress plugin Photographer Connections, versions n/a through 1.3.1 (≤ 1.3.1). Root cause: ...

6.5CVSS7.2AI score0.00231EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/18 10:14 p.m.22 views

CVE-2024-52340 WordPress Photographer Connections plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MartyThornley Photographer Connections photographer-connections allows Stored XSS.This issue affects Photographer Connections: from n/a through = 1.3.1...

6.5CVSS0.00231EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/18 12:0 a.m.2 views

WordPress plugin Photographer Connections 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS7.7AI score0.00231EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/18 12:0 a.m.4 views

PT-2024-35181 · Unknown · Marty Thornley Photographer Connections

Name of the Vulnerable Software and Affected Versions: Marty Thornley Photographer Connections versions 1.3.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...

6.5CVSS5.6AI score0.00231EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/11/08 6:0 p.m.3 views

WordPress Photographer Connections plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Photographer Connections versions = 1.3.1...

6.5CVSS6.1AI score0.00231EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.12 views

WordPress Photographer Connections Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Photographer Connections Type Plugin Vulnerable versions = 1.3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52340 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 051ac84967a6 Credits SOPROBRO Required privilege...

6.5CVSS6.9AI score0.00231EPSS
Exploits0References1Affected Software1
Wired Threat Level
Wired Threat Level
added 2024/05/30 10:30 a.m.14 views

The Unusual Espionage Act Case Against a Drone Photographer

In seemingly the first case of its kind, the US Justice Department has charged a Chinese national with using a drone to photograph a Virginia shipyard where the US Navy was assembling nuclear submarines...

7.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/02/03 9:36 a.m.4 views

tours.texasrealestatephotographer.com Cross Site Scripting vulnerability OBB-3848037

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Patchstack
Patchstack
added 2023/03/28 12:0 a.m.11 views

WordPress photographer-directory Plugin < 1.0.9 is vulnerable to Privilege Escalation

Software photographer-directory Type Plugin Vulnerable versions 1.0.9 Fixed in 1.0.9 OWASP Top 10 A5: Broken Access Control Classification Privilege Escalation CVE CVE-2020-36666 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 44093df6ab0d Credits Omar Badran Required...

8.8CVSS6.4AI score0.00905EPSS
Exploits2References3Affected Software1
Openbugbounty
Openbugbounty
added 2022/11/12 8:6 a.m.13 views

amalficoastweddingphotographer.it Cross Site Scripting vulnerability OBB-3050732

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
ThreatPost
ThreatPost
added 2021/04/12 6:12 p.m.38 views

IcedID Circulates Via Web Forms, Google URLs

Website contact forms and Google URLs are being used to spread the IcedID trojan, according to researchers at Microsoft. Attackers are using “contact us” forms on websites to send emails targeting organizations with trumped-up legal threats, researchers said. The messages consistently mention a...

7.3AI score
Exploits0References7
Hacker One
Hacker One
added 2018/03/25 8:30 p.m.569 views

HackerOne: h1-202 leaderboard photo discloses local wifi password

Summary: the h1-202 event took several photos for the event that rotate on the public leaderboard. One of these photos disclosed the local wifi SSID and Password. Description: SSID: HackerOne Password: █████████ Steps To Reproduce 1. Look at the photo attached Remediation Have your staff...

6.6AI score
Exploits0
hackapp
hackapp
added 2016/04/01 10:3 a.m.11 views

Photographer Girl - Dream Job - Dangerous filesystem permissions, WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Photographer Girl - Dream Job published at the 'play' market has multiple vulnerabilities...

1AI score
Exploits0References1Affected Software1
OSV
OSV
added 2014/12/03 9:59 p.m.3 views

DEBIAN-CVE-2014-9236

Cross-site scripting XSS vulnerability in php/editphotos.php in Zoph aka Zoph Organizes Photos 0.9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 photographerid or 2 crumb parameter...

4.3CVSS6AI score0.02645EPSS
Exploits1References1
OSV
OSV
added 2014/12/03 9:59 p.m.2 views

UBUNTU-CVE-2014-9236

Cross-site scripting XSS vulnerability in php/editphotos.php in Zoph aka Zoph Organizes Photos 0.9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 photographerid or 2 crumb parameter...

4.3CVSS5.9AI score0.02645EPSS
Exploits1References4
Drupal
Drupal
added 2013/07/10 12:0 a.m.26 views

SA-CONTRIB-2013-055 - Hatch - Cross Site Scripting

Hatch theme is a simple and minimal portfolio theme for photographers, illustrators, designers, or photobloggers. The theme didn't sufficiently escape user supplied text prior to printing them. This vulnerability is mitigated by the fact that an attacker must have a role with the permission...

2.1CVSS6.4AI score0.00931EPSS
Exploits0References9
Rows per page
Query Builder