Lucene search
K

4 matches found

Patchstack
Patchstack
added 2025/11/05 1:37 a.m.5 views

WordPress Phlox Portfolio plugin <= 2.3.10 - Unauthenticated Local File Inclusion via args[extra_template_path] vulnerability

Unauthenticated Local File Inclusion via argsextratemplatepath vulnerability discovered by LionTree in WordPress Plugin Phlox Portfolio versions = 2.3.10...

8.1CVSS6.8AI score0.00606EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/31 10:2 a.m.2 views

CVE-2025-9725 Cudy LT500E Web shadow hard-coded password

A vulnerability was identified in Cudy LT500E up to 2.3.12. Affected is an unknown function of the file /squashfs-root/etc/shadow of the component Web Interface. The manipulation leads to use of hard-coded password. The attack must be carried out locally. The attack's complexity is rated as high...

2.5CVSS6.1AI score0.00321EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/11/18 12:0 a.m.6 views

PT-2024-35267 · Unknown · Event Tickets With Ticket Scanner

Name of the Vulnerable Software and Affected Versions: Event Tickets with Ticket Scanner versions 2.3.11 and earlier Description: The issue affects Event Tickets with Ticket Scanner, allowing Server Side Include SSI Injection due to improper neutralization of special elements used in a template...

9.9CVSS9.7AI score0.00726EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/11/10 12:0 a.m.10 views

PT-2022-26109 · Ez Systems · Ezplatform-Graphql

Name of the Vulnerable Software and Affected Versions: ezplatform-graphql versions prior to 1.0.13 ezplatform-graphql versions prior to 2.3.12 Description: The issue concerns the exposure of password hashes of users who have created or modified content, typically administrators and editors, throu...

7.5CVSS5.3AI score0.01295EPSS
Exploits1References7
Rows per page
Query Builder