Lucene search
K

11 matches found

CVE
CVE
added 2026/03/06 11:4 a.m.10 views

CVE-2026-1468

Product: QuickCMS. Vulnerability: Cross-Site Request Forgery (CSRF) across multiple endpoints. An attacker can lure a victim to a crafted site that automatically issues a POST request using the victim’s credentials. Root cause / vector: The software does not implement protections against CSRF on ...

5.1CVSS5.8AI score0.00222EPSS
Exploits0References2
HackRead
HackRead
added 2025/12/29 12:29 p.m.9 views

Critical 0day flaw Exposes 70k XSpeeder Devices as Vendor Ignores Alert

Researchers reveal CVE-2025-54322, a critical unpatched flaw in XSpeeder networking gear found by AI agents. 70,000 industrial and branch devices are exposed...

10CVSS7AI score0.13992EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/10/18 3:37 p.m.7 views

CVE-2025-11905

A vulnerability was found in yanyutao0402 ChanCMS up to 3.3.2. This vulnerability affects the function getArticle of the file app\modules\cms\controller\gather.js. The manipulation results in code injection. The attack may be launched remotely. The exploit has been made public and could be used...

8.8CVSS6.4AI score0.00748EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-49833

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00915EPSS
Exploits0References5
NVD
NVD
added 2025/04/30 11:16 p.m.27 views

CVE-2025-4142

A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. This vulnerability affects the function sub3C8EC. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but di...

9.8CVSS0.00968EPSS
Exploits1References5
CVE
CVE
added 2025/03/17 5:31 a.m.54 views

CVE-2025-2363

The CVE-2025-2363 entry concerns lenve VBlog up to 1.0.0. Affected is the function uploadImg in blogserver/src/main/java/org/sang/controller/ArticleController.java. The filename argument manipulation leads to path traversal, enabling a remote attack. Public exploit disclosure is noted, and the ve...

9.8CVSS6.9AI score0.00584EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/03/09 5:31 a.m.31 views

CVE-2025-2115 zzskzy Warehouse Refinement Management System AcceptZip.ashx ProcessRequest unrestricted upload

A vulnerability, which was classified as critical, was found in zzskzy Warehouse Refinement Management System 3.1. Affected is the function ProcessRequest of the file /AcceptZip.ashx. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely...

6.5CVSS0.00554EPSS
Exploits1References4
OSV
OSV
added 2023/07/19 2:15 a.m.2 views

CVE-2023-3753

A vulnerability classified as problematic has been found in Creativeitem Mastery LMS 1.2. This affects an unknown part of the file /browse. The manipulation of the argument search/featured/recommended/skill leads to cross site scripting. It is possible to initiate the attack remotely. The...

6.1CVSS3.9AI score0.00312EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2017/07/03 12:0 a.m.84 views

Humax Digital HG100R 2.0.6 XSS / Information Disclosure

Humax Digital HG100R multiple vulnerabilities Device: Humax HG100R Software Version: VER 2.0.6 - Backup file download CVE-2017-7315 An issue was discovered on Humax Digital HG100R 2.0.6 devices, a modem commonly used by ISPs to provide ADSL internet service to household and small business users...

7.9AI score0.02241EPSS
Exploits7
Packet Storm
Packet Storm
added 2013/02/15 12:0 a.m.21 views

Photodex ProShow Producer 5.0.3297 Memory Corruption

Inshell Security Advisory http://www.inshell.net 1. ADVISORY INFORMATION ----------------------- Product: Photodex ProShow Producer Vendor URL: www.photodex.com Type: Improper Restriction of Operations within the Bounds of a Memory BufferCWE-119 Date found: 2013-02-14 Date published: 2013-02-14...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2005/10/11 12:0 a.m.27 views

baalASPSQL.txt

------------------------------------------------------ Nightmare TeAmZ Advisory 002 ------------------------------------------------------ Date - 10/2005 BaalASP Free Bulletin Board Sql Injection Admin Login AFFECTED PRODUCTS ================= BaalASP Free Bulletin Board...

7.4AI score
Exploits0
Rows per page
Query Builder