Lucene search
+L

12 matches found

nvd
nvd
added 2026/04/23 4:16 a.m.9 views

CVE-2026-3007

Successful exploitation of the stored cross-site scripting XSS vulnerability could allow an attacker to execute arbitrary JavaScript on any user account that has access to Koollab LMS’ courselet feature...

5.4CVSS0.00173EPSS
Exploits0References1
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-1425

Malware in sbrugna...

4.4CVSS6.1AI score0.00389EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2002-2362

Malware in sbrugna...

3.6CVSS6.4AI score0.00378EPSS
Exploits1References4
euvd
euvd
added 2025/10/07 12:30 a.m.9 views

EUVD-2005-2509

Malware in sbrugna...

4.6CVSS6.4AI score0.00687EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-10885

Malicious code in bioql PyPI...

4.3CVSS3.6AI score0.00225EPSS
Exploits0References4
redhatcve
redhatcve
added 2025/05/23 4:58 a.m.12 views

CVE-2023-6824

The WP Customer Area WordPress plugin before 8.2.1 does not properly validates user capabilities in some of its AJAX actions, allowing any users to retrieve other user's account address...

6.5CVSS6.7AI score0.00483EPSS
Exploits1
bdu_fstec
bdu_fstec
added 2025/04/14 12:0 a.m.11 views

The vulnerability of the PowerScale OneFS operating system, related to deficiencies in authentication procedures, allows a perpetrator to gain access to user accounts.

The vulnerability of the PowerScale OneFS operating system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain access to the user account...

7CVSS5.5AI score0.00149EPSS
Exploits0References2Affected Software1
github
github
added 2024/02/28 6:57 p.m.41 views

YARD's default template vulnerable to Cross-site Scripting in generated frames.html

Summary The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting XSS attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. Details The vulnerability stems from mishandling...

6.1CVSS5.2AI score0.0106EPSS
Exploits1References9Affected Software1
nvd
nvd
added 2023/10/19 3:15 a.m.23 views

CVE-2023-37503

HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the password and gain access to user accounts...

9.8CVSS8.7AI score0.00454EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2021/11/23 12:0 a.m.7 views

The vulnerability of the ioAdmin tool, related to the storage of confidential information in unencrypted form, allows a perpetrator to gain access to user accounts.

The vulnerability of the ioAdmin tool is related to the storage of confidential information in an unencrypted form. Exploiting this vulnerability can allow a perpetrator to gain access to user accounts...

7.8CVSS5.5AI score
Exploits0References1Affected Software1
nvd
nvd
added 2011/02/17 6:0 p.m.19 views

CVE-2010-3273

ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allows remote attackers to reset user passwords, and consequently obtain access to arbitrary user accounts, by providing a user id to accounts/ValidateUser, and then providing a new password to accounts/ResetResult...

5CVSS6.9AI score0.03332EPSS
Exploits2References8
cvelist
cvelist
added 2011/02/08 8:0 p.m.21 views

CVE-2011-0910

The cookie implementation in Vanilla Forums before 2.0.17.6 makes it easier for remote attackers to spoof signed requests, and consequently obtain access to arbitrary user accounts, via HMAC timing attacks...

6.7AI score0.01047EPSS
Exploits0References1
Rows per page
Query Builder