Lucene search
K

11 matches found

CVE
CVE
added 2026/06/20 3:21 p.m.18 views

CVE-2026-56317

CVE-2026-56317 affects Nuxt before 4.4.7 and the 3.x branch before 3.21.7. The NoScript component writes slot content to innerHTML without escaping, enabling cross-site scripting via untrusted data in NoScript slots (e.g., route.query parameters). Impact is XSS in pages rendering NoScript content...

6.1CVSS5.7AI score0.00209EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/06/20 3:21 p.m.7 views

EUVD-2026-38112

Nuxt before 4.4.7 and the 3.x branch before 3.21.7 contains a cross-site scripting vulnerability in the NoScript component that writes slot content to innerHTML without escaping. Attackers can inject malicious scripts through untrusted data in NoScript slots, such as route.query parameters, which...

2.3CVSS5.7AI score0.00209EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/13 12:0 a.m.22 views

CVE-2025-25652

In Eptura Archibus 2024.03.01.109, the "Run script" and "Server File" components of the "Database Update Wizard" are vulnerable to directory traversal...

0.0071EPSS
Exploits2References2
Fedora
Fedora
added 2025/11/06 2:24 a.m.5 views

[SECURITY] Fedora 42 Update: qt5-qtscript-5.15.18-1.fc42

Qt5 - QtScript component...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/10/22 2:11 p.m.6 views

CVE-2025-10020

Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component...

8.8CVSS7.7AI score0.04721EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/21 3:30 p.m.6 views

EUVD-2025-35166

Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component...

9.9CVSS7.1AI score0.04721EPSS
Exploits0References2
OSV
OSV
added 2025/10/21 1:15 p.m.4 views

CVE-2025-10020

Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component...

8.8CVSS5.8AI score0.04721EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/21 12:12 p.m.6 views

CVE-2025-10020 Command Injection

Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component...

8.5CVSS0.04721EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/21 12:12 p.m.4 views

CVE-2025-10020 Command Injection

Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component...

8.5CVSS7.2AI score0.04721EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/23 12:0 a.m.5 views

PT-2025-39208

Name of the Vulnerable Software and Affected Versions PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 Description An issue allows remote attackers to execute arbitrary code via the submit size.php component. Recommendations At the moment, there is no information about a newer version that contains a...

6.5CVSS7.5AI score0.0032EPSS
Exploits0References5
NVD
NVD
added 2015/01/21 6:59 p.m.19 views

CVE-2015-0392

Unspecified vulnerability in the Siebel Core - Server BizLogic Script component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Config - Scripting...

4.6CVSS5.5AI score0.01085EPSS
Exploits0References4
Rows per page
Query Builder