Lucene search
+L

18 matches found

cve
cve
added 2 days ago9 views

CVE-2026-52839

Easy!Appointments versions before 1.6.0 allow cross-provider appointment injection via unauthorized use of the store and update endpoints. The vulnerability arises because store/update do not verify that id_users_provider belongs to the current session, enabling a provider to add or reassign appo...

3.3CVSS6.1AI score0.00146EPSS
Exploits0References2
osv
osv
added 2026/03/04 4:55 p.m.13 views

CLSA-2026-1772643333 Update of nss

update to CKBI 2.82 from NSS 3.120 - updated certificates: - Certificate "ePKI Root Certification Authority" - Certificate "GlobalSign Root CA" - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Comodo AAA Services root" - Certificate "XRamp Global CA Root" - Certificate "Go...

5.8AI score
Exploits0References1
redhatcve
redhatcve
added 2026/01/07 9:19 a.m.8 views

CVE-2024-2998

A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Store Update Page. The manipulation of the argument Store Name/Store Address leads to cross site...

5.4CVSS3.5AI score0.00546EPSS
Exploits1References1
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-27938

Malicious code in bioql PyPI...

5.4CVSS4AI score0.00546EPSS
Exploits1References4
osv
osv
added 2025/08/08 7:17 p.m.9 views

CLSA-2025-1754680650 Update of nss

update to CKBI 2.74 from NSS 3.110 - updated certificates: - Certificate "certSIGN ROOT CA" - Certificate "ACCVRAIZ1" - Certificate "Entrust Root Certification Authority - G4" - Certificate "Security Communication ECC RootCA1" - Certificate "BJCA Global Root CA1" - Certificate "BJCA Global Root...

5.8AI score
Exploits0References1
osv
osv
added 2024/11/06 4:26 p.m.7 views

CLSA-2024-1730910356 Update of nss

update to CKBI 2.69 from NSS 3.103 - updated certificates: - Certificate "OISTE WISeKey Global Root GC CA" - Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - removed certificates: - Certificate "Security Communication Root CA" - Certificate "Camerfirma Chambers of...

5.8AI score
Exploits0References1
osv
osv
added 2024/07/30 8:15 a.m.3 views

DEBIAN-CVE-2024-42160

In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fsbuildfaultattr - It missed to check validation of fault attrs in parseoptions, let's fix to add check condition in f2fsbuildfaultattr. - Use f2fsbuildfaultattr in sbistore to clean up...

7.8CVSS6.2AI score0.00239EPSS
Exploits0References1
osv
osv
added 2024/03/27 9:15 p.m.6 views

CVE-2024-2998

A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Store Update Page. The manipulation of the argument Store Name/Store Address leads to cross site...

5.4CVSS3.5AI score0.00546EPSS
Exploits1References4
vulnrichment
vulnrichment
added 2024/03/27 8:31 p.m.15 views

CVE-2024-2998 Bdtask Multi-Store Inventory Management System Store Update Page cross site scripting

A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Store Update Page. The manipulation of the argument Store Name/Store Address leads to cross site...

3.3CVSS6AI score0.00546EPSS
Exploits1References4
cve
cve
added 2024/03/27 8:31 p.m.66 views

CVE-2024-2998

The CVE-2024-2998 entry concerns the Bdtask Multi-Store Inventory Management System (up to 20240320). The vulnerability affects the Store Update Page where manipulating the Store Name/Store Address parameter can trigger cross-site scripting (XSS). The issue is described as exploitable remotely an...

5.4CVSS3.3AI score0.00546EPSS
Exploits1References4Affected Software1
ptsecurity
ptsecurity
added 2024/03/27 12:0 a.m.5 views

PT-2024-23175 · Unknown · Bdtask Multi-Store Inventory Management System

Name of the Vulnerable Software and Affected Versions: Bdtask Multi-Store Inventory Management System versions up to 20240320 Description: A problematic issue was found in the Store Update Page component of the Bdtask Multi-Store Inventory Management System. The manipulation of the Store Name and...

5.4CVSS3.3AI score0.00546EPSS
Exploits1References8
cnnvd
cnnvd
added 2024/03/27 12:0 a.m.5 views

Inventory Management System 跨站脚本漏洞

Inventory Management System is an inventory management system for stemword individual developers. A cross-site scripting vulnerability exists in Bdtask Multi-Store Inventory Management System 20240320 and prior versions, which stems from a cross-site scripting XSS vulnerability in the component...

5.4CVSS3.8AI score0.00546EPSS
Exploits1References5
osv
osv
added 2024/01/22 4:29 p.m.8 views

CLSA-2024-1705940980 Update of ca-certificates

Update to CKBI 2.64 from NSS 3.95 - Removed: - Certificate "Chambers of Commerce Root - 2008" - Certificate "E-Tugra Certification Authority" - Certificate "Global Chambersign Root - 2008" - Certificate "Hongkong Post Root CA 1" - Certificate "Symantec Class 1 Public Primary Certification...

5.8AI score
Exploits0References1
osv
osv
added 2023/02/14 6:15 p.m.3 views

CVE-2023-22942

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a cross-site request forgery in the Splunk Secure Gateway SSG app in the ‘kvstoreclient’ REST endpoint lets a potential attacker update SSG KV store collections using an HTTP GET request...

4.3CVSS5.7AI score0.00203EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2022/09/06 12:0 a.m.6 views

PT-2022-4714 · Hewlett Packard · Hp Support Assistant +1

Name of the Vulnerable Software and Affected Versions: HP Support Assistant version 9 Description: The issue is related to a DLL hijacking vulnerability in HP Support Assistant, which uses HP Performance Tune-up as a diagnostic tool. This vulnerability can be exploited by an attacker to elevate...

7.8CVSS7.3AI score0.02776EPSS
Exploits0References7
jvn
jvn
added 2019/01/24 6:37 a.m.4 views

HOUSE GATE App for iOS vulnerable to directory traversal

Overview HOUSE GATE App for iOS provided by HOUSE GATE inc. uses the old version of cordova-plugin-ionic-webview, and inherits a directory traversal vulnerability CWE-22, CVE-2018-16202. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC...

7.5CVSS6.8AI score0.02158EPSS
Exploits0References6
mskb
mskb
added 2017/03/22 12:0 a.m.3 views

March 22, 2017—KB4016635 (OS Build 14393.970)

None None...

6.1AI score
Exploits0
jvn
jvn
added 2013/01/18 4:39 a.m.5 views

Documents Pro (formerly Files HD) vulnerable to directory traversal

Overview Documents Pro provided by Olive Toast Software Ltd. contains a directory traversal vulnerability. Documents Pro provided by Olive Toast Software Ltd. is a document viewer for iOS devices. Documents Pro contains a directory traversal vulnerability. Keigo Yamazaki of LAC Co., Ltd reported...

7.5CVSS6.7AI score0.01839EPSS
Exploits0References5
Rows per page
Query Builder