Lucene search
K

5 matches found

NVD
NVD
added 2026/06/14 8:16 a.m.17 views

CVE-2025-15546

The Iptanus File Upload WordPress plugin before 5.1.7 does not implement proper file handling when the duplicatepolicy setting is configured to "maintain both." Due to a Time-of-Check to Time-of-Use TOCTOU race condition between the file existence check and the actual file write operation, an...

5.4CVSS0.00159EPSS
Exploits0References1
NVD
NVD
added 2025/05/02 12:15 p.m.16 views

CVE-2025-2421

Improper Control of Generation of Code 'Code Injection' vulnerability in Profelis Informatics SambaBox allows Code Injection. This issue affects SambaBox: before 5.1...

9.8CVSS0.00504EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/05/02 11:30 a.m.14 views

CVE-2025-2488 XSS in Profelis Informatics' SambaBox

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Profelis Informatics SambaBox allows Cross-Site Scripting XSS. This issue affects SambaBox: before 5.1...

6.1CVSS0.00255EPSS
Exploits0References3
CVE
CVE
added 2025/05/02 11:27 a.m.59 views

CVE-2025-2421

CVE-2025-2421 affects SambaBox (Profelis Informatics) prior to version 5.1. The root cause is improper control of code generation, enabling a code injection vulnerability. Multiple sources consistently describe impact as code injection with a high severity risk; CVSS metrics in the initial entry ...

9.8CVSS5.4AI score0.00504EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2019/09/20 12:0 a.m.15 views

avada theme for WordPress cross-site scripting vulnerability

avada theme for WordPress is a responsive multipurpose theme plugin for use in WordPress. A cross-site scripting vulnerability exists in avada theme for WordPress versions prior to 5.1.5. The vulnerability stems from a lack of proper validation of client-side data by the web application. An...

6.1CVSS6.2AI score0.00907EPSS
Exploits1References1
Rows per page
Query Builder