Lucene search
+L

58 matches found

Positive Technologies
Positive Technologies
added 2025/09/05 12:0 a.m.5 views

PT-2025-36128

Name of the Vulnerable Software and Affected Versions: Saad Iqbal License Manager for WooCommerce versions through 3.0.12 Description: The software contains an SQL injection flaw that allows for blind SQL injection. This issue is due to improper neutralization of special elements used in an SQL...

7.6CVSS7.3AI score0.00346EPSS
Exploits0References4
NVD
NVD
added 2025/08/20 8:15 a.m.4 views

CVE-2025-48142

Incorrect Privilege Assignment vulnerability in Saad Iqbal Bookify bookify allows Privilege Escalation.This issue affects Bookify: from n/a through = 1.0.9...

8.8CVSS0.0033EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 8:3 a.m.28 views

CVE-2025-48142

The connected sources confirm CVE-2025-48142 affects the WordPress plugin Bookify (versions n/a through 1.0.9) and stems from an Incorrect Privilege Assignment vulnerability that enables Privilege Escalation. Reported for Bookify, Root Cause: flawed privilege handling inside the plugin’s access c...

8.8CVSS5.9AI score0.0033EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/16 11:25 a.m.8 views

CVE-2025-54667

Time-of-check Time-of-use TOCTOU Race Condition vulnerability in Saad Iqbal myCred mycred allows Leveraging Time-of-Check and Time-of-Use TOCTOU Race Conditions.This issue affects myCred: from n/a through = 2.9.4.3...

5.3CVSS5.9AI score0.00214EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/16 11:25 a.m.5 views

CVE-2025-54668

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saad Iqbal myCred mycred allows Stored XSS.This issue affects myCred: from n/a through = 2.9.4.3...

6.5CVSS5.9AI score0.00217EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 11:15 a.m.4 views

CVE-2025-54668

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saad Iqbal myCred mycred allows Stored XSS.This issue affects myCred: from n/a through = 2.9.4.3...

6.5CVSS0.00217EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 11:15 a.m.5 views

CVE-2025-54667

Time-of-check Time-of-use TOCTOU Race Condition vulnerability in Saad Iqbal myCred mycred allows Leveraging Time-of-Check and Time-of-Use TOCTOU Race Conditions.This issue affects myCred: from n/a through = 2.9.4.3...

5.3CVSS0.00214EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 10:34 a.m.12 views

CVE-2025-54668

CVE-2025-54668: Stored XSS in WordPress plugin myCred up to version 2.9.4.3 due to improper input neutralization during web page generation. Affected software: myCred (WordPress plugin). Impact is stated as Stored Cross-Site Scripting with low to moderate severity (CVSS v3.1 base score 6.5). Reme...

6.5CVSS5.9AI score0.00217EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 10:34 a.m.16 views

CVE-2025-54667

CVE-2025-54667 describes a TOCTOU race condition in WordPress plugin myCred up to version 2.9.4.3. The vulnerability (CVSSv3.1: 5.3, Network/Low/No user interaction) affects myCred and can enable a race condition exploit related to TOCTOU in the plugin. Remediation per connected sources is to upd...

5.3CVSS5.9AI score0.00214EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2025/07/24 12:0 a.m.9 views

VulnCheck KEV: CVE-2025-24000

Authentication Bypass Using an Alternate Path or Channel vulnerability in Saad Iqbal Post SMTP post-smtp allows Authentication Bypass.This issue affects Post SMTP: from n/a through = 3.2.0...

5.8AI score0.00566EPSS
In wildExploits1References2
VulnCheck KEV
VulnCheck KEV
added 2024/08/16 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-43354

Deserialization of Untrusted Data vulnerability in Saad Iqbal myCred mycred.This issue affects myCred: from n/a through = 2.7.2...

9.8CVSS5.8AI score0.00528EPSS
Exploits0References1
NVD
NVD
added 2023/05/12 4:15 p.m.42 views

CVE-2023-25958

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Justin Saad Simple Tooltips plugin = 2.1.4 versions...

5.9CVSS5.4AI score0.00392EPSS
Exploits0References1
CVE
CVE
added 2023/05/12 3:15 p.m.54 views

CVE-2023-25958

CVE-2023-25958 is an admin+ authenticated, stored cross-site scripting (XSS) vulnerability in the WordPress plugin Simple Tooltips

5.9CVSS5.1AI score0.00392EPSS
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2023/04/08 12:0 a.m.216 views

ZCBS/ZBBS/ZPBS v4.14k - Reflected Cross-Site Scripting (XSS)

Exploit Title: ZCBS/ZBBS/ZPBS v4.14k - Reflected Cross-Site Scripting XSS Date: 2023-03-30 CVE: CVE-2023-26692 Exploit Author: Abdulaziz Saad @b4zb0z Vendor Homepage: https://www.zcbs.nl Version: 4.14k Tested on: LAMP, Ubuntu Google Dork: inurl:objecten.pl?ident=3D --- Vulnerability : $GET'ident'...

6.1CVSS6.4AI score0.0269EPSS
Exploits5
CNVD
CNVD
added 2022/11/30 12:0 a.m.31 views

KLiK SocialMediaWebsite reply-form cross-site scripting vulnerability

KLiK SocialMediaWebsite is a simple PHP based social media website by Muhammad Saad personal developer. A cross-site scripting vulnerability exists in KLiK SocialMediaWebsite version 1.0.1 at reply-form. The vulnerability stems from a lack of effective filtering and escaping of user-supplied data...

5.4CVSS5.2AI score0.00477EPSS
Exploits1References1
CNVD
CNVD
added 2022/11/24 12:0 a.m.53 views

KLiK SocialMediaWebsite SQL Injection Vulnerability

KLiK SocialMediaWebsite is a simple PHP based social media website by Muhammad Saad personal developer. KLiK SocialMediaWebsite v1.0.1 suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in "profile.php". The vulnerability can be...

8.8CVSS8.9AI score0.01233EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2009/07/17 12:0 a.m.24 views

Ger Versluis 2000 SQL Injection

-------------------------------------------------------------------------- Ger Versluis 2000 version 5.5 24 SITEfiche.php SQL Injection Vulnerability -------------------------------------------------------------------------- + Author : DeCo017 + Email : 5s5atlivedotfr + Vulnerability : SQL...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2009/07/17 12:0 a.m.10 views

Ger Versluis 2000 5.5 24 - SITE_fiche.php SQL Injection

Ger Versluis 2000 5.5 24 - SITEfiche.php SQL Injection -------------------------------------------------------------------------- Ger Versluis 2000 version 5.5 24 SITEfiche.php SQL Injection Vulnerability -------------------------------------------------------------------------- + Author : DeCo01...

0.7AI score
Exploits0
Rows per page
Query Builder