Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-0781

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00441EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-23958

Malicious code in bioql PyPI...

9.1CVSS6.5AI score0.00787EPSS
Exploits0References1
OSV
OSV
added 2024/02/21 12:31 a.m.3 views

GHSA-MWHF-6MJM-6W3H Liferay Portal and Liferay DXP Does Not Obfuscate Password Reminder Answers

In Liferay Impl before 5.18.4, Liferay Users Admin Web before 5.0.33, Liferay Login Web before 5.0.18, and Liferay Commerce Account Web before 3.0.7 from Liferay Portal 7.2.0 through 7.3.5, and older unsupported versions, and Liferay DXP 7.3 before fix pack 1, 7.2 before fix pack 17, and older...

6.3CVSS6.8AI score0.00284EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/02/20 12:31 p.m.5 views

Liferay Portal and Liferay DXP's HtmlUtil.escapeRedirect Can Be Circumvented via Two Forward Slashes

HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 service pack 3, 7.2 fix pack 15 through 18, and older unsupported versions can be circumvented by using two forward slashes, which allows remote attackers to...

6.1CVSS6.2AI score0.00355EPSS
Exploits0References10Affected Software2
Positive Technologies
Positive Technologies
added 2022/12/29 12:0 a.m.14 views

PT-2022-24289 · Esri · Arcgis Enterprise +1

🚨 CVE-2022-38212 Protections against potential Server-Side Request Forgery SSRF vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to...

7.5CVSS7.7AI score0.00876EPSS
Exploits0References6
CERT
CERT
added 2016/07/13 12:0 a.m.40 views

Accela Civic Platform Citizen Access portal contains multiple vulnerabilities

Overview Accela Civic Platform Citizen Access portal contains cross-site scripting and arbitrary file upload vulnerabilities. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2016-5660Accela Civic Platform Citizen Access portal contains ...

8.8CVSS7.4AI score0.02557EPSS
Exploits0References1
exploitpack
exploitpack
added 2004/10/06 12:0 a.m.12 views

DCP-Portal 3.74.x5.x - news.php?cid Cross-Site Scripting

DCP-Portal 3.74.x5.x - news.php?cid Cross-Site Scripting source: https://www.securityfocus.com/bid/11338/info DCP-Portal is reported prone to multiple cross-site scripting vulnerabilities. It is reported that DCP-Portal does not sufficiently filter URI parameters supplied to several scripts...

6.8AI score
Exploits0
Rows per page
Query Builder