Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/05/27 6:46 a.m.11 views

CVE-2026-8143 Booking Calendar – Event Calendar <= 2.1.6 - Unauthenticated Stored Cross-Site Scripting via Multiple Parameters

The HBook plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hbcountryiso', 'hbusastateiso', and 'hbcanadaprovinceiso' parameters in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...

7.2CVSS6AI score0.0019EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

WordPress plugin HBook 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

7.2CVSS5.8AI score0.0019EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/03/10 5:47 p.m.2 views

CVE-2022-25558

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetProvince. This vulnerability allows attackers to cause a Denial of Service DoS via the ProvinceCode parameter...

7.8CVSS5.5AI score0.01219EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/03/10 12:0 a.m.4 views

Tenda AX1806 缓冲区错误漏洞

The Tenda AX1806 is a WiFi6 wireless router from Tenda, a Chinese company. A stack overflow vulnerability exists in the Tenda AX1806 formSetProvince function, which can be exploited by an attacker to cause a Denial of Service DoS via the ProvinceCode parameter...

7.8CVSS5.8AI score0.01219EPSS
Exploits1References2
Rows per page
Query Builder