Lucene search
K

4242 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:52 a.m.4 views

CVE-2013-6018

Cross-site request forgery CSRF vulnerability in login.jsp in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to hijack the authentication of arbitrary users for requests that change a password...

6.8CVSS7.6AI score0.00619EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:51 a.m.10 views

CVE-2013-6020

passwordRequestPOST.jsp in Tyler Technologies TaxWeb 3.13.3.1 sends different HTTP status codes for invalid password-recovery requests depending on whether the user account exists, which allows remote attackers to enumerate account names via a series of requests to the 1 Assessor, 2 Recorder, or ...

5.8CVSS6.5AI score0.01281EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:51 a.m.7 views

CVE-2013-6019

Cross-site scripting XSS vulnerability in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to inject arbitrary web script or HTML via the accountNum parameter to an unspecified component...

4.3CVSS5.9AI score0.01012EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:17 a.m.4 views

CVE-2025-1035

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Komtera Technolgies KLog Server allows Manipulating Web Input to File System Calls. This issue affects KLog Server: before 3.1.1...

5.7CVSS5.4AI score0.09676EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:11 a.m.9 views

CVE-2025-1927

Cross-Site Request Forgery CSRF vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Cross Site Request Forgery.This issue affects Online Food Delivery System: through 19122025...

7.1CVSS6.8AI score0.00125EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:8 a.m.4 views

CVE-2024-2882

SDG Technologies PnPSCADA allows a remote attacker to attach various entities without requiring system authentication. This breach could potentially lead to unauthorized control, data manipulation, and access to sensitive information within the SCADA system...

9.3CVSS6.5AI score0.00656EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/01 5:32 a.m.14 views

CVE-2025-49354

Cross-Site Request Forgery CSRF vulnerability in Mindstien Technologies Recent Posts From Each Category recent-posts-from-each-category allows Stored XSS.This issue affects Recent Posts From Each Category: from n/a through = 1.4...

7.1CVSS5.9AI score0.00096EPSS
Exploits0References1
NVD
NVD
added 2025/12/31 4:15 p.m.4 views

CVE-2025-63004

Missing Authorization vulnerability in Skynet Technologies USA LLC All in One Accessibility all-in-one-accessibility allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects All in One Accessibility: from n/a through = 1.15...

4.3CVSS0.00155EPSS
Exploits0References1
CVE
CVE
added 2025/12/31 4:6 p.m.9 views

CVE-2025-63004

CVE-2025-63004 involves a Missing Authorization vulnerability in the WordPress plugin All in One Accessibility by Skynet Technologies USA LLC. Public data indicates affected version range is from n/a through 1.14, with a CVSS3.1 base score of 4.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N). The connect...

4.3CVSS5.9AI score0.00155EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/31 4:6 p.m.24 views

CVE-2025-63004 WordPress All in One Accessibility plugin <= 1.15 - Broken Access Control vulnerability

Missing Authorization vulnerability in Skynet Technologies USA LLC All in One Accessibility all-in-one-accessibility allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects All in One Accessibility: from n/a through = 1.15...

4.3CVSS0.00155EPSS
Exploits0References1
NVD
NVD
added 2025/12/31 2:15 p.m.5 views

CVE-2025-62119

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ViitorCloud Technologies Pvt Ltd Add Featured Image Custom Link custom-url-to-featured-image allows DOM-Based XSS.This issue affects Add Featured Image Custom Link: from n/a through = 2.0.0...

5.9CVSS0.00176EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/31 1:43 p.m.4 views

EUVD-2025-205960

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ViitorCloud Technologies Pvt Ltd Add Featured Image Custom Link allows DOM-Based XSS.This issue affects Add Featured Image Custom Link: from n/a through 2.0.0...

5.9CVSS5.9AI score0.00176EPSS
Exploits0References2
NVD
NVD
added 2025/12/31 6:15 a.m.7 views

CVE-2025-49354

Cross-Site Request Forgery CSRF vulnerability in Mindstien Technologies Recent Posts From Each Category recent-posts-from-each-category allows Stored XSS.This issue affects Recent Posts From Each Category: from n/a through = 1.4...

7.1CVSS0.00096EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/31 5:30 a.m.6 views

EUVD-2025-205880

Cross-Site Request Forgery CSRF vulnerability in Mindstien Technologies Recent Posts From Each Category allows Stored XSS.This issue affects Recent Posts From Each Category: from n/a through 1.4...

7.1CVSS6.1AI score0.00096EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/31 12:0 a.m.7 views

PT-2025-54280

Name of the Vulnerable Software and Affected Versions Mindstien Technologies Recent Posts From Each Category versions 1.4 and earlier Description The Recent Posts From Each Category plugin contains a Cross-Site Request Forgery CSRF issue and a Stored Cross-Site Scripting XSS issue. The CSRF flaw...

7.1CVSS4.9AI score0.00096EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/12/24 8:14 p.m.5 views

CVE-2025-8769 MegaSys Computer Technologies Telenium Online Web Application Improper Input Validation

Telenium Online Web Application is vulnerable due to a Perl script that is called to load the login page. Due to improper input validation, an attacker can inject arbitrary Perl code through a crafted HTTP request, leading to remote code execution on the server...

9.8CVSS7.8AI score0.00895EPSS
Exploits0References3
NVD
NVD
added 2025/12/19 1:16 p.m.5 views

CVE-2025-1928

Improper Restriction of Excessive Authentication Attempts vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Password Recovery Exploitation. This issue affects Online Food Delivery System: through 19122025. NOTE: The vendor was contacted early about this...

9.1CVSS0.00322EPSS
Exploits0References2
NVD
NVD
added 2025/12/19 12:15 p.m.5 views

CVE-2025-1927

Cross-Site Request Forgery CSRF vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Cross Site Request Forgery. This issue affects Online Food Delivery System: through 19122025. NOTE: The vendor was contacted early about this disclosure but did not respond i...

7.1CVSS0.00125EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/19 12:8 p.m.4 views

CVE-2025-1928 Improper Authentication in Restajet's Online Food Delivery System

Improper Restriction of Excessive Authentication Attempts vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Password Recovery Exploitation. This issue affects Online Food Delivery System: through 19122025. NOTE: The vendor was contacted early about this...

9.1CVSS5.4AI score0.00322EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/19 12:8 p.m.30 views

CVE-2025-1928 Improper Authentication in Restajet's Online Food Delivery System

Improper Restriction of Excessive Authentication Attempts vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Password Recovery Exploitation. This issue affects Online Food Delivery System: through 19122025. NOTE: The vendor was contacted early about this...

9.1CVSS0.00322EPSS
Exploits0References2
Rows per page
Query Builder