Lucene search
+L

2906 matches found

attackerkb
attackerkb
added 2026/05/17 12:11 p.m.8 views

CVE-2018-25329

WordPress Plugin WP with Spritz 1.0 contains a remote file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting file paths into the url parameter. Attackers can send GET requests to wp.spritz.content.filter.php with malicious url values to access...

8.7CVSS6AI score0.00403EPSS
Exploits0References3Affected Software1
cve
cve
added 2026/05/16 3:25 p.m.18 views

CVE-2020-37235

CVE-2020-37235 concerns WordPress Theme Wibar 1.1.8, where a stored XSS flaw exists in the Brand component. The vulnerability allows authenticated users with editor/administrator/contributor/author roles to inject base64-encoded script payloads via the ftc_brand_url input field, resulting in arbi...

6.4CVSS5.9AI score0.00243EPSS
Exploits0References4
cvelist
cvelist
added 2026/05/16 3:25 p.m.45 views

CVE-2020-37235 WordPress Theme Wibar 1.1.8 Stored Cross-Site Scripting via Brand Component

WordPress Theme Wibar 1.1.8 contains a stored cross-site scripting vulnerability in the Brand component that allows authenticated users to inject malicious scripts by manipulating the Logo URL parameter. Attackers with editor, administrator, contributor, or author privileges can inject...

6.4CVSS0.00243EPSS
Exploits0References4
veracode
veracode
added 2026/05/16 5:25 a.m.11 views

Server-Side Request Forgery

Arcane is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to the /api/templates/fetch endpoint accepting a user-controlled url parameter and performing server-side HTTP requests without authentication or validation of the URL scheme and destination host, allowing...

7.2CVSS5.9AI score0.00621EPSS
Exploits1References3Affected Software1
veracode
veracode
added 2026/05/16 5:23 a.m.5 views

Sensitive Information Exposure

Portainer Community Edition is vulnerable to Exposure of Sensitive Information. The vulnerability is due to the authentication middleware accepting JWT bearer tokens through the ?token= URL query parameter, which allows an attacker to obtain authentication tokens from browser history, proxy logs,...

7.7CVSS5.8AI score0.00316EPSS
Exploits1References4Affected Software1
osv
osv
added 2026/05/15 6:36 p.m.3 views

CVE-2026-45008 phpMyFAQ - Path Traversal in Client::deleteClientFolder via URL Parameter

phpMyFAQ before 4.1.2 contains a path traversal vulnerability in Client::deleteClientFolder that allows admins with INSTANCEDELETE permission to delete arbitrary directories. Attackers can submit traversal sequences like https://../../../ in the client URL parameter to recursively delete...

7CVSS6AI score0.00266EPSS
Exploits0References4
snyk
snyk
added 2026/05/15 4:21 p.m.14 views

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect via the logout process. An attacker can redirect users to arbitrary external websites by supplying a crafted url parameter. This is only exploitable if the configuration option enablelogout is set to true, and is most...

6.1CVSS6AI score0.00269EPSS
Exploits1References2
osv
osv
added 2026/05/15 4:21 p.m.9 views

GHSA-CVRM-5HP6-H523 SimpleSAMLphp casserver: Open Redirect in logout

Summary The logout endpoint accepts a url query parameter to redirect to. casserver treats that url as trusted, and either depending on configuration redirects the browser there, or shows a "you've been logged out" page with a link to continue to that url. There are a number of other things broke...

4.7CVSS5.8AI score0.00269EPSS
Exploits1References6
github
github
added 2026/05/15 4:21 p.m.12 views

SimpleSAMLphp casserver: Open Redirect in logout

Summary The logout endpoint accepts a url query parameter to redirect to. casserver treats that url as trusted, and either depending on configuration redirects the browser there, or shows a "you've been logged out" page with a link to continue to that url. There are a number of other things broke...

6.1CVSS5.8AI score0.00269EPSS
Exploits1References6Affected Software1
ptsecurity
ptsecurity
added 2026/05/15 12:0 a.m.13 views

PT-2026-41385

Name of the Vulnerable Software and Affected Versions SimpleSAMLphp-casserver versions prior to 6.3.1 SimpleSAMLphp-casserver versions prior to 7.0.0 Description The logout endpoint accepts a url query parameter for redirection. The server treats this URL as trusted and, depending on the...

6.1CVSS5.8AI score0.00269EPSS
Exploits1References13
cvelist
cvelist
added 2026/05/14 8:24 a.m.64 views

CVE-2026-6514 InfusedWoo Pro <= 5.1.2 - Unauthenticated Arbitrary File Read via 'url' Parameter

The InfusedWoo Pro plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.1.2 via the popupsubmit. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to...

7.5CVSS0.00271EPSS
Exploits0References2
cve
cve
added 2026/05/14 8:24 a.m.21 views

CVE-2026-6514

The CVE concerns InfusedWoo Pro for WordPress (all versions up to 5.1.2) with an Arbitrary File Read vulnerability exploitable via the popup_submit parameter. The root cause enables unauthenticated attackers to issue web requests to arbitrary locations from the application, potentially enabling a...

7.5CVSS5.9AI score0.00271EPSS
Exploits0References2
snyk
snyk
added 2026/05/12 10:23 p.m.10 views

Cross-site Scripting (XSS)

Overview sillytavern is a LLM Frontend for Power Users Affected versions of this package are vulnerable to Cross-site Scripting XSS in the corsProxy file. An attacker can execute arbitrary JavaScript in the victim's browser and in the victim's context by injecting malicious content into the url...

7.1CVSS5.8AI score0.00323EPSS
Exploits0References2
githubexploit
githubexploit
added 2026/05/12 4:36 a.m.149 views

Exploit for Server-Side Request Forgery in Rbaskets Request_Baskets

CVE-2023-27163 — request-baskets SSRF Exploit I wrote this ex...

6.5CVSS6.7AI score0.06976EPSS
Exploits29
nvd
nvd
added 2026/05/12 3:16 a.m.17 views

CVE-2026-27682

Due to a reflected cross-site scripting XSS vulnerability in SAP NetWeaver Application Server ABAP Applications based on Business Server Pages, an unauthenticated attacker could craft a URL that exploits an unprotected URL parameter to embed a malicious script. If a victim clicks the link, the...

6.1CVSS0.00223EPSS
Exploits0References2
cvelist
cvelist
added 2026/05/12 2:19 a.m.41 views

CVE-2026-34258 Content Spoofing vulnerability in SAPUI5 (Search UI)

SAPUI5 Search UI allows an unauthenticated attacker to manipulate specific URL parameters on the Search UI to include malicious content. Successful exploitation may mislead victim users into clicking and accessing attacker-controlled pages rendered by the application. This vulnerability has a low...

4.7CVSS0.00249EPSS
Exploits0References2
cvelist
cvelist
added 2026/05/12 2:19 a.m.46 views

CVE-2026-27682 Reflected Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP (Applications based on Business Server Pages)

Due to a reflected cross-site scripting XSS vulnerability in SAP NetWeaver Application Server ABAP Applications based on Business Server Pages, an unauthenticated attacker could craft a URL that exploits an unprotected URL parameter to embed a malicious script. If a victim clicks the link, the...

4.7CVSS0.00223EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/05/12 2:19 a.m.13 views

CVE-2026-27682

Due to a reflected cross-site scripting XSS vulnerability in SAP NetWeaver Application Server ABAP Applications based on Business Server Pages, an unauthenticated attacker could craft a URL that exploits an unprotected URL parameter to embed a malicious script. If a victim clicks the link, the...

4.7CVSS5.8AI score0.00223EPSS
Exploits0References3
cve
cve
added 2026/05/08 9:22 p.m.22 views

CVE-2026-42195

The CVE describes a vulnerability in the draw.io client prior to version 29.7.9 where a ?gitlab= URL parameter can override the GitLab server URL used during OAuth sign-in. A crafted link can force the user’s click on the "Authorize in GitLab" dialog to open a popup on an attacker-controlled host...

3.4CVSS5.8AI score0.00192EPSS
Exploits0References3
euvd
euvd
added 2026/05/08 9:31 a.m.11 views

EUVD-2026-28540

The Auto Affiliate Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 6.8.8 This is due to insufficient input sanitization on the 'url' POST parameter in the aalurlstatssaveaction function and a complete absence of output escaping in...

7.2CVSS6AI score0.00366EPSS
Exploits0References13
Rows per page
Query Builder