Lucene search
K

22 matches found

NVD
NVD
added 2026/06/26 3:16 p.m.9 views

CVE-2026-57636

Contributor SQL Injection in wpForo Forum = 3.0.9 versions...

8.5CVSS0.00211EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:17 p.m.8 views

CVE-2026-48887

Unauthenticated Broken Access Control in JS Help Desk = 3.0.9 versions...

6.5CVSS0.00235EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/13 11:42 a.m.5 views

CVE-2026-32366 WordPress Collapsing Categories plugin <= 3.0.9 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in robfelty Collapsing Categories collapsing-categories allows Blind SQL Injection.This issue affects Collapsing Categories: from n/a through = 3.0.9...

8.5CVSS5.8AI score0.00228EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/11/18 10:49 p.m.8 views

WordPress New User Approve plugin <= 3.0.9 - Unauthenticated Sensitive Information Disclosure via Type Juggling vulnerability

Unauthenticated Sensitive Information Disclosure via Type Juggling vulnerability discovered by Powpy in WordPress Plugin New User Approve versions = 3.0.9...

5.3CVSS6.6AI score0.00257EPSS
Exploits0References1Affected Software1
Snyk
Snyk
added 2025/11/14 8:57 p.m.4 views

Unverified Password Change

Overview flowise-ui is a Affected versions of this package are vulnerable to Unverified Password Change via the profile update process. An attacker can gain unauthorized access to user accounts by changing the authentication password without additional verification steps. Note: This is only...

8.3CVSS7.2AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 9:2 a.m.7 views

CVE-2024-38764

Cross-Site Request Forgery CSRF vulnerability in Marsian allows Cross Site Request Forgery.This issue affects i-transform: from n/a through 3.0.9...

4.3CVSS5.1AI score0.00174EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/02/23 3:30 p.m.19 views

com.easy-flowable:easy-flowable-solon-plugin (>=1.0.0 <=1.0.2), com.luomor.pcsms:pcsms-solon-plugin-example (>=1.0.0 <=1.0.1) +17 more potentially affected by CVE-2025-1584 via org.noear:solon-web-staticfiles (>=2.9.2-M1 <=3.0.9-M2)

org.noear:solon-web-staticfiles MAVEN version =2.9.2-M1, =1.0.0, =1.0.0, =2024.3.0, =1.3.0, =20250107, =3.3.4, =1.8.4, =1.3.1, =1.7.8, =1.8.0, =2.9.2, =2.9.2, =2.9.2, =2.9.2, =3.0.10-M1 and more Source cves: CVE-2025-1584 Source advisory: OSV:GHSA-X8Q6-CCHR-P7M6...

5.3CVSS5.8AI score0.00526EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/10/28 12:0 a.m.6 views

PT-2024-16298 · Vince · Vince

Name of the Vulnerable Software and Affected Versions: VINCE versions prior to 3.0.9 Description: The issue allows exposure of user information to authenticated users. Recommendations: For versions prior to 3.0.9, update to version 3.0.9 or later to resolve the issue...

6.5CVSS6.8AI score0.00184EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/08/30 12:0 a.m.9 views

PT-2023-19869 · Premio · Premio Chaty Plugin

Name of the Vulnerable Software and Affected Versions: Premio Chaty plugin versions 3.0.9 and earlier Description: The issue is an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website, potentially allowing them to steal...

7.1CVSS6.3AI score0.00401EPSS
Exploits0References5
NVD
NVD
added 2023/06/10 9:15 a.m.38 views

CVE-2023-3190

Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9...

4.6CVSS4.2AI score0.00522EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/06/10 9:15 a.m.4 views

CVE-2023-3190

Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9...

4.6CVSS5.8AI score0.00522EPSS
Exploits1References3
NVD
NVD
added 2023/06/10 9:15 a.m.25 views

CVE-2023-3191

Cross-site Scripting XSS - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9...

8.1CVSS6AI score0.00537EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/06/10 12:0 a.m.10 views

CVE-2023-3191 Cross-site Scripting (XSS) - Stored in nilsteampassnet/teampass

Cross-site Scripting XSS - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9...

8.1CVSS5.3AI score0.00537EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/06/10 12:0 a.m.3 views

PT-2023-23506 · Teampass · Teampass

Name of the Vulnerable Software and Affected Versions: teampass versions prior to 3.0.9 Description: The issue is related to improper encoding or escaping of output in the GitHub repository nilsteampassnet/teampass. This may have led to stored cross-site scripting XSS vectors in the application d...

4.6CVSS3.8AI score0.00522EPSS
Exploits1References9
NVD
NVD
added 2023/05/31 1:15 p.m.24 views

CVE-2023-3009

Cross-site Scripting XSS - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9...

8.1CVSS6AI score0.00683EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/05/24 12:0 a.m.38 views

CVE-2023-2859 Code Injection in nilsteampassnet/teampass

Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.9...

7.1CVSS9.2AI score0.01649EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/12/15 9:15 p.m.11 views

CVE-2022-4527

A vulnerability was found in collective.task up to 3.0.8. It has been classified as problematic. This affects the function renderCell/AssignedGroupColumn of the file src/collective/task/browser/table.py. The manipulation leads to cross site scripting. It is possible to initiate the attack remotel...

6.1CVSS4AI score0.00542EPSS
Exploits0References4
Prion
Prion
added 2022/02/04 11:15 p.m.25 views

Design/Logic Flaw

The WP HTML Mail WordPress plugin is vulnerable to unauthorized access which allows unauthenticated attackers to retrieve and modify theme settings due to a missing capability check on the /themesettings REST-API endpoint found in the /includes/class-template-designer.php file, in versions up to...

4.3CVSS6.2AI score0.70511EPSS
Exploits3References2Affected Software1
Positive Technologies
Positive Technologies
added 2020/08/31 12:0 a.m.6 views

PT-2020-5746 · Flask +3 · Flask-Cors +3

Name of the Vulnerable Software and Affected Versions: Flask-CORS versions prior to 3.0.9 Description: The issue is related to incorrect path naming checks in the Flask-CORS extension for handling resource sharing between sources. This allows a remote attacker to access private resources by...

9.8CVSS6.5AI score0.65336EPSS
Exploits33References155
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:56 p.m.43 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server bundled with IBM i2 Intelligence Analysis Platform. (CVE 2015-7450)

Summary WebSphere Application Server is shipped as a component of IBM i2 Intelligence Analysis Platform. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin...

10CVSS3.1AI score0.97655EPSS
Exploits10Affected Software1
Rows per page
Query Builder