Lucene search
K

1352 matches found

OSV
OSV
added 2019/12/26 3:15 p.m.2 views

CVE-2019-19541

The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Best Day/Night field on the new listing submit page...

5.4CVSS6.1AI score
Exploits0References1
OSV
OSV
added 2019/12/26 3:15 p.m.4 views

CVE-2019-19542

The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Good For field on the new listing submit page...

5.4CVSS6.1AI score0.00717EPSS
Exploits2References1
NVD
NVD
added 2019/12/26 3:15 p.m.26 views

CVE-2019-19542

The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Good For field on the new listing submit page...

5.4CVSS5.4AI score0.00717EPSS
Exploits2References1
NVD
NVD
added 2019/12/26 3:15 p.m.12 views

CVE-2019-19541

The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Best Day/Night field on the new listing submit page...

5.4CVSS5.4AI score0.00717EPSS
Exploits2References1
Prion
Prion
added 2019/12/26 3:15 p.m.16 views

Cross site scripting

The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Good For field on the new listing submit page...

3.5CVSS5.3AI score0.00717EPSS
Exploits2References1Affected Software1
CNVD
CNVD
added 2019/11/20 12:0 a.m.3 views

Linux kernel resource management error vulnerability (CNVD-2019-41705)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A resource management error vulnerability exists in the 'v3dsubmitclioctl' function in the drivers/gpu/drm/v3d/v3dgem.c file in versions of Linux kernel prior to 5.3.1...

7.8CVSS8.1AI score0.04146EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2019/11/18 6:15 a.m.3 views

CVE-2019-19052

A memory leak in the gscanopen function in drivers/net/can/usb/gsusb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service memory consumption by triggering usbsubmiturb failures, aka CID-fb5be6a7b486...

7.8CVSS8.3AI score0.05376EPSS
Exploits0References23
OSV
OSV
added 2019/11/18 6:15 a.m.2 views

UBUNTU-CVE-2019-19052

A memory leak in the gscanopen function in drivers/net/can/usb/gsusb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service memory consumption by triggering usbsubmiturb failures, aka CID-fb5be6a7b486...

7.5CVSS6.8AI score0.05376EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2019/11/18 6:15 a.m.4 views

CVE-2019-19044

Two memory leaks in the v3dsubmitclioctl function in drivers/gpu/drm/v3d/v3dgem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service memory consumption by triggering kcalloc or v3djobinit failures, aka CID-29cd13cfd762...

7.8CVSS8.2AI score0.04146EPSS
Exploits0References7
CNVD
CNVD
added 2019/11/18 12:0 a.m.2 views

Linux kernel memory leak vulnerability (CNVD-2019-41278)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A memory leak vulnerability exists in the ath10kusbhiftxsg function in drivers/net/wireless/ath/ath10k/usb.c in Linux...

7.8CVSS8.2AI score0.06623EPSS
Exploits0References1
CNVD
CNVD
added 2019/11/18 12:0 a.m.3 views

Linux kernel memory leak vulnerability (CNVD-2019-41264)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A memory leak vulnerability exists in the rtl8xxxusubmitinturb function in...

4.9CVSS6.9AI score0.00451EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/10/23 12:0 a.m.4 views

PT-2019-4091 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.3.11 Description: The issue is related to two memory leaks in the v3d submit cl ioctl function, located in drivers/gpu/drm/v3d/v3d gem.c. This can lead to a denial of service due to memory consumption when...

10CVSS7AI score0.16908EPSS
Exploits17References266
BDU FSTEC
BDU FSTEC
added 2019/08/20 12:0 a.m.5 views

The vulnerability of the onSubmit() method of the Horde_Form_Type_image class (Horde/Form/Type.php) in the php-horde-form functionality allows a attacker to compromise data integrity, gain access to confidential data, and cause service interruptions.

The vulnerability of the onSubmit method in the HordeFormTypeimage class Horde/Form/Type.php of the php-horde-form functionality package is related to incorrect elimination of special characters in the POST parameter. This can lead to incorrect restrictions on the path to a restricted directory...

8.8CVSS5.5AI score0.19165EPSS
Exploits3References5Affected Software2
Exploit DB
Exploit DB
added 2019/07/15 12:0 a.m.147 views

FlightPath < 4.8.2 / < 5.0-rc2 - Local File Inclusion

Exploit Title: FlightPath 4.8.2 & 5.0-rc2 - Local File Inclusion Date: 07-07-2019 Exploit Author: Mohammed Althibyani Vendor Homepage: http://getflightpath.com Software Link: http://getflightpath.com/project/9/releases Version: 4.8.2 & 5.0-rc2 Tested on: Kali Linux CVE : CVE-2019-13396 Parameters...

5.3CVSS5.6AI score0.62572EPSS
Exploits5
OSV
OSV
added 2019/07/10 2:15 p.m.3 views

CVE-2019-13396

FlightPath 4.x and 5.0-x allows directory traversal and Local File Inclusion through the forminclude parameter in an index.php?q=system-handle-form-submit POST request because of an includeonce in systemhandleformsubmit in modules/system/system.module...

5.3CVSS6.1AI score0.62572EPSS
Exploits5References2
CVE
CVE
added 2019/07/10 1:45 p.m.88 views

CVE-2019-13396

FlightPath is affected by CVE-2019-13396: versions prior to 4.8.2 and 5.0-rc2 contain a Local File Inclusion vulnerability caused by include_once in system_handle_form_submit, enabling directory traversal via the form_include parameter in index.php?q=system-handle-form-submit. Impact cited includ...

5.3CVSS5.2AI score0.62572EPSS
In wildExploits5References2Affected Software1
CNVD
CNVD
added 2019/06/20 12:0 a.m.2 views

Open Faculty Evaluation System SQL Injection Vulnerability (CNVD-2019-18736)

Open Faculty Evaluation System is a PHP and MySQL based teacher evaluation system. The system provides Web-based graphical reports and Excel file reports, and supports student subject ratings for teachers. A SQL injection vulnerability exists in the submitfeedback.php file in Open Faculty...

9.8CVSS8.2AI score0.02338EPSS
Exploits1References1
OSV
OSV
added 2019/06/19 4:15 p.m.4 views

CVE-2018-18758

Open Faculty Evaluation System 7 for PHP 7 allows submitfeedback.php SQL Injection, a different vulnerability than CVE-2018-18757...

9.8CVSS5.8AI score0.02338EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2019/05/31 12:0 a.m.8 views

PT-2019-11725 · Jenkins · Jenkins Artifactory Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Artifactory Plugin versions 3.2.2 and earlier Description: A cross-site request forgery issue allows attackers to perform certain actions, including scheduling a release build, performing release staging for Gradle and Maven projects,...

6.5CVSS6.6AI score0.00751EPSS
Exploits0References8
Exploit DB
Exploit DB
added 2019/05/17 12:0 a.m.398 views

Interspire Email Marketer 6.20 - 'surveys_submit.php' Remote Code Execution

Exploit Title: Interspire Email Marketer 6.20 - Remote Code Execution Date: May 2019 Exploit Author: Numan Türle Vendor Homepage: https://www.interspire.com Software Link: https://www.interspire.com/emailmarketer Version: 6.20 $widget foreach $widget as $widgetKey = $fields foreach $fields as...

8.8CVSS8.8AI score0.05993EPSS
Exploits4
Rows per page
Query Builder