Lucene search
+L

8 matches found

CNNVD
CNNVD
added 2025/12/18 12:0 a.m.6 views

WordPress plugin PDF for WPForms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

8.8CVSS6.7AI score0.00368EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:3 a.m.8 views

CVE-2024-28852

Ampache is a web based audio/video streaming application and file manager. Ampache has multiple reflective XSS vulnerabilities,this means that all forms in the Ampache that use rule as a variable are not secure. For example, when querying a song, when querying a podcast, we need to use $rule...

6.1CVSS5.9AI score0.00516EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/01/31 12:0 a.m.11 views

PT-2024-19245 · Peepso · Peepso Community

Name of the Vulnerable Software and Affected Versions: PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles versions prior to 6.3.1.0 Description: The issue is related to improper neutralization of input during web page generation, which leads to a Cross-site...

6.5CVSS5.8AI score0.00317EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/06/25 12:0 a.m.3 views

INEX IXP-Manager 跨站脚本漏洞

INEX IXP-Manager is an INEX open source web application. A security vulnerability exists in INEX IXP-Manager versions prior to 6.3.1. An attacker exploited the vulnerability to perform cross-site scripting attacks...

6.1CVSS5.9AI score0.00399EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/05/22 12:0 a.m.3 views

Tornado 输入验证错误漏洞

Tornado is a Python web framework and asynchronous networking library from the Chinese Tornado Technology Tornado community. The library scales to thousands of open connections through the use of non-blocking network I/O, making it well suited for long-time polling, WebSockets, and other...

6.1CVSS6.3AI score0.01132EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/03/01 12:0 a.m.4 views

WordPress plugin Mercado Pago payments for WooCommerce 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS7.7AI score0.00285EPSS
Exploits0References3
OSV
OSV
added 2022/04/06 4:15 p.m.4 views

CVE-2021-26116

An improper neutralization of special elements used in an OS command vulnerability in the command line interpreter of FortiAuthenticator before 6.3.1 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands...

8.8CVSS5.9AI score0.00598EPSS
Exploits0References1
CNVD
CNVD
added 2017/04/12 12:0 a.m.3 views

SolarWinds Log and Event Manager Command Execution Vulnerability

SolarWinds Log and Event Manager LEM is a log and event manager from SolarWinds, Inc. that provides real-time log analysis, memory event correlation, and threat attack response. A security vulnerability exists in SolarWinds LEM versions prior to 6.3.1 Hotfix 4. An attacker can exploit the...

8.8CVSS7.3AI score0.02875EPSS
Exploits0References1
Rows per page
Query Builder