Lucene search
K

4242 matches found

Nuclei
Nuclei
added 12 hours ago73 views

SysAid Technologies 20.3.64 b14 - Cross-Site Scripting

SysAid 20.3.64 b14 contains a cross-site scripting vulnerability via the /KeepAlive.jsp?stamp= URI. id: CVE-2021-30049 info: name: SysAid Technologies 20.3.64 b14 - Cross-Site Scripting author: daffainfo severity: medium description: SysAid 20.3.64 b14 contains a cross-site scripting vulnerabilit...

6.1CVSS6.4AI score0.0247EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday82 views

Kemp LoadMaster Load Balancer - Unauthenticated Command Injection

Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This issue affects: LoadMaster: 7.2.40.0 and above. ECS: All versions.Multi-Tenancy: 7.1.35.4 and above. id: CVE-2024-7591 info: name: Kemp LoadMaster Load Balancer - Unauthenticated Command Injection autho...

10CVSS7.1AI score0.44069EPSS
Exploits1References4
NVD
NVD
added 6 days ago10 views

CVE-2026-1365

Insertion of sensitive information into sent data vulnerability in Sayax Energy Technologies Inc. OSOS allows Authentication Bypass. This issue affects OSOS: through 09072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

6.5CVSS0.00443EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago7 views

CVE-2026-1365

Insertion of sensitive information into sent data vulnerability in Sayax Energy Technologies Inc. OSOS allows Authentication Bypass. This issue affects OSOS: through 09072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

6.5CVSS5.9AI score0.00443EPSS
Exploits0References2
NVD
NVD
added 2026/07/07 8:16 a.m.10 views

CVE-2026-8377

Missing Authorization vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Collect Data from Common Resource Locations. This issue affects Access Control System GKS: before Version 2...

8.2CVSS0.00198EPSS
Exploits0References1
NVD
NVD
added 2026/07/07 8:16 a.m.12 views

CVE-2026-7380

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows XSS Targeting HTML Attributes. This issue affects Access Control System GKS: before Version 2...

6.1CVSS0.00149EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/07 7:25 a.m.8 views

EUVD-2026-42019

Missing Authorization vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Collect Data from Common Resource Locations. This issue affects Access Control System GKS: before Version 2...

8.2CVSS5.9AI score0.00198EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/07 7:25 a.m.34 views

CVE-2026-8377 Improper Authorization in Armiya Technologies' Access Control System

Missing Authorization vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Collect Data from Common Resource Locations. This issue affects Access Control System GKS: before Version 2...

8.2CVSS0.00198EPSS
Exploits0References1
CVE
CVE
added 2026/07/07 7:8 a.m.11 views

CVE-2026-8309

The CVE-2026-8309 applies to Armiya Information Technologies Ltd. Co. Access Control System (GKS), affected before Version 2. It is a Reflected XSS caused by improper input neutralization during web page generation. The CVSS v3.1 base metrics indicate a Medium impact (5.4) with network attack vec...

5.4CVSS5.9AI score0.00133EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/07 7:8 a.m.8 views

EUVD-2026-42018

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Reflected XSS. This issue affects Access Control System GKS: before Version 2...

5.4CVSS5.9AI score0.00133EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/07 7:8 a.m.6 views

CVE-2026-8309

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Reflected XSS. This issue affects Access Control System GKS: before Version 2...

5.4CVSS5.9AI score0.00133EPSS
Exploits0References2
CVE
CVE
added 2026/07/07 7:2 a.m.14 views

CVE-2026-8306

CVE-2026-8306 describes a Stored XSS in Armiya Information Technologies Ltd. Co. Access Control System (GKS) prior to version 2, caused by improper neutralization of input during web page generation. The vulnerability allows stored cross-site scripting in the GKS web interface. CVSS3.1 base score...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/07 7:2 a.m.8 views

EUVD-2026-42017

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Stored XSS. This issue affects Access Control System GKS: before Version 2...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/07 7:2 a.m.5 views

CVE-2026-8306

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Stored XSS. This issue affects Access Control System GKS: before Version 2...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/07 7:2 a.m.32 views

CVE-2026-8306 Stored XSS in Armiya Technologies' Access Control System

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows Stored XSS. This issue affects Access Control System GKS: before Version 2...

6.1CVSS0.00149EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/07 6:57 a.m.32 views

CVE-2026-7380 HTML Injection in Armiya Technologies' Access Control System

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in Armiya Information Technologies Ltd. Co. Access Control System GKS allows XSS Targeting HTML Attributes. This issue affects Access Control System GKS: before Version 2...

6.1CVSS0.00149EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 4:30 a.m.32 views

CVE-2026-8944 Plugin for Google Analytics by IO technologies <= 1.1 - Cross-Site Request Forgery via 'ga_id' Parameter

The Plugin for Google Analytics by IO technologies plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the Google Analytics settings page ga.php. This makes it possible for unauthenticated...

4.3CVSS0.00102EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.11 views

PT-2026-53812

Name of the Vulnerable Software and Affected Versions Plugin for Google Analytics by IO technologies versions prior to 1.2 Description Cross-Site Request Forgery occurs on the Google Analytics settings page 'ga.php' due to missing or incorrect nonce validation. A nonce is a unique token used to...

4.3CVSS5.8AI score0.00102EPSS
Exploits0References9
Patchstack
Patchstack
added 2026/06/29 4:17 p.m.7 views

WordPress Plugin for Google Analytics by IO technologies plugin <= 1.1 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Plugin for Google Analytics by IO technologies versions = 1.1...

4.3CVSS5.8AI score0.00102EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/15 12:47 p.m.36 views

CVE-2026-5242 Code Injection in Mia Technologies' Pizzy Library

Improper neutralization of formula elements in a CSV file vulnerability in MIA Technology Inc. Pizzy Library allows Code Injection. This issue affects Pizzy Library: from 1.0.0.26250 before 1.3.9.26250...

8.8CVSS0.00304EPSS
Exploits0References1
Rows per page
Query Builder