Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

30 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2018-21512

Malware in sbrugna...

6.5CVSS6.6AI score0.00166EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-7826

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00081EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-34209

Malicious code in bioql PyPI...

6.4CVSS8.7AI score0.00305EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/05/23 7:2 a.m.4 views

CVE-2024-11386

The GatorMail SmartForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gatormailsmartform' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.8AI score0.00305EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/03/12 7:20 p.m.3 views

CVE-2025-27926

In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files web.config containing passwords that are readable by unauthorized users...

4.3CVSS6.9AI score0.00081EPSS
Exploits0References1
OSV
OSVadded 2025/03/10 11:15 p.m.2 views

CVE-2025-27926

In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files web.config containing passwords that are readable by unauthorized users...

5.3CVSS5.8AI score0.00081EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/03/10 12:0 a.m.3 views

CVE-2025-27926

In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files web.config containing passwords that are readable by unauthorized users...

4.3CVSS4.7AI score0.00081EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/03/10 12:0 a.m.1 views

Nintex Automation 安全漏洞

Nintex Automation is a workflow automation software from Nintex. A security vulnerability exists in Nintex Automation versions prior to 5.8, which originates from a configuration file in the K2 SmartForms Designer folder that contains a password that can be read by an unauthorized user...

4.3CVSS6.7AI score0.00081EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/03/10 12:0 a.m.3 views

PT-2025-10645

Name of the Vulnerable Software and Affected Versions Nintex Automation versions 5.6 through 5.7 Description The issue concerns configuration files in the K2 SmartForms Designer folder that contain passwords readable by unauthorized users. Recommendations For Nintex Automation versions 5.6 throug...

5.3CVSS5.9AI score0.00081EPSS
Exploits0References7
Cvelist
Cvelistadded 2025/03/10 12:0 a.m.5 views

CVE-2025-27926

In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files web.config containing passwords that are readable by unauthorized users...

4.3CVSS0.00081EPSS
Exploits0References1
NVD
NVDadded 2025/01/11 8:15 a.m.6 views

CVE-2024-11386

The GatorMail SmartForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gatormailsmartform' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00305EPSS
Exploits0References3
CVE
CVEadded 2025/01/11 7:21 a.m.41 views

CVE-2024-11386

CVE-2024-11386 affects the GatorMail SmartForms WordPress plugin (versions up to and including 1.1.0). It allows Stored Cross-Site Scripting via the gatormailsmartform shortcode due to insufficient input sanitization/output escaping. Exploitation requires at least contributor-level authentication...

6.4CVSS5.7AI score0.00305EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/01/11 7:21 a.m.5 views

CVE-2024-11386 GatorMail SmartForms <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The GatorMail SmartForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gatormailsmartform' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.8AI score0.00305EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/01/11 12:0 a.m.1 views

WordPress plugin GatorMail SmartForms 跨站脚本漏洞

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.Press is a Frappe open source Frappe custom application running the Frappe Cloud. A cross-site scripting vulnerability exists i...

6.4CVSS7.4AI score0.00305EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/01/11 12:0 a.m.2 views

PT-2025-1652 · WordPress · Gatormail Smartforms

Name of the Vulnerable Software and Affected Versions: GatorMail SmartForms plugin for WordPress versions up to, and including, 1.1.0 Description: The issue is related to Stored Cross-Site Scripting in the GatorMail SmartForms plugin for WordPress. This is due to insufficient input sanitization a...

6.4CVSS6.2AI score0.00305EPSS
Exploits0References6
Patchstack
Patchstackadded 2025/01/10 9:49 p.m.2 views

WordPress GatorMail SmartForms plugin <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin GatorMail SmartForms versions = 1.1.0...

6.4CVSS5.7AI score0.00305EPSS
Exploits0References1Affected Software1
CNVD
CNVDadded 2018/05/25 12:0 a.m.1 views

K2 smartforms server-side request forgery vulnerability

K2 smartforms is the United States K2 company's a browser-based smart form adding tools. A server-side request forgery vulnerability exists in the runtime application in K2 smartforms version 4.6.11. An attacker can exploit this vulnerability by modifying the hostname in the...

6.5CVSS6.9AI score0.00166EPSS
Exploits1References1
NVD
NVDadded 2018/05/24 1:29 p.m.14 views

CVE-2018-9920

Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https:///Identity/STS/Forms/Scripts URL...

6.5CVSS6.5AI score0.00166EPSS
Exploits1References1
OSV
OSVadded 2018/05/24 1:29 p.m.1 views

CVE-2018-9920

Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https:///Identity/STS/Forms/Scripts URL...

6.5CVSS5.8AI score
Exploits0References1
Prion
Prionadded 2018/05/24 1:29 p.m.27 views

Server side request forgery (ssrf)

Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https:///Identity/STS/Forms/Scripts URL...

6.4CVSS6.5AI score0.00166EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder