Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.5 views

PT-2026-1619

Name of the Vulnerable Software and Affected Versions AH Shortcodes plugin for WordPress versions prior to 1.0.3 Description The AH Shortcodes plugin for WordPress is susceptible to Stored Cross-Site Scripting through the 'column' shortcode attribute. Insufficient input sanitization and output...

6.4CVSS5.3AI score0.00279EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/10/20 12:0 a.m.6 views

PT-2024-33468 · Unknown · Woostagram Connect

Name of the Vulnerable Software and Affected Versions: Woostagram Connect versions 1.0.0 through 1.0.2 Description: The issue allows unrestricted upload of dangerous file types, which can lead to web server compromise by uploading a web shell. This can be exploited by uploading malicious files to...

10CVSS7.2AI score0.00501EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2020/04/06 12:0 a.m.5 views

PT-2020-19675 · Unknown · Eivindfjeldstad-Dot

Name of the Vulnerable Software and Affected Versions: eivindfjeldstad-dot versions prior to 1.0.3 Description: The issue concerns a Prototype Pollution problem. The set function can be tricked into adding or modifying properties of Object.prototype using a proto payload. This allows for potentia...

5.3CVSS5.1AI score0.01097EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2016/02/07 12:0 a.m.7 views

PT-2016-3817

Name of the Vulnerable Software and Affected Versions rails-html-sanitizer gem versions prior to 1.0.3 Ruby on Rails versions 4.2.x and 5.x Description A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node. This is due to a...

7.5CVSS6.5AI score0.95537EPSS
Exploits23References56
Positive Technologies
Positive Technologies
added 2016/02/07 12:0 a.m.7 views

PT-2016-3815

Name of the Vulnerable Software and Affected Versions rails-html-sanitizer gem versions prior to 1.0.3 Ruby on Rails versions 4.2.x and 5.x Description The issue allows remote attackers to inject arbitrary web script or HTML via crafted tag attributes, which can lead to cross-site scripting XSS...

7.5CVSS6.5AI score0.95537EPSS
Exploits23References58
Rows per page
Query Builder