Lucene search
+L

11 matches found

Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-49971 Laravel-Mediable < 7.0.0 Stored XSS via SVG File Upload

Laravel-Mediable before 7.0.0 contains a stored cross-site scripting vulnerability that allows authenticated or anonymous users to execute arbitrary JavaScript by uploading unsanitized SVG files containing embedded scripts in onload event handlers, script tags, or foreignObject elements. Attacker...

6.1CVSS0.00203EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-40169

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, a crafted image could result in an ou...

6.2CVSS5.8AI score0.0018EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/08 8:30 a.m.4 views

CVE-2026-39484 WordPress Hide My WP Ghost plugin < 7.0.00 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...

5.8AI score0.00201EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.9 views

CVE-2025-67922

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Reflected XSS.This issue affects Grand Restaurant: from n/a through 7.0.9...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References1
NVD
NVD
added 2026/01/08 10:15 a.m.6 views

CVE-2025-67922

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Reflected XSS.This issue affects Grand Restaurant: from n/a through 7.0.9...

7.1CVSS0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 2:14 p.m.24 views

CVE-2025-67544 WordPress Shopkeeper Extender plugin < 7.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Get Bowtied Shopkeeper Extender shopkeeper-extender allows Stored XSS.This issue affects Shopkeeper Extender: from n/a through 7.0...

6.5CVSS0.00162EPSS
Exploits0References1
OSV
OSV
added 2025/11/11 8:15 p.m.8 views

AZL-70199 CVE-2025-12748 affecting package libvirt for versions less than 7.10.0-11

A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was performed before the ACL checks. A malicious user with limited permissions could exploit this flaw by submitting a specially crafted XML file, causing libvirt to allocate too...

5.5CVSS5.8AI score0.00204EPSS
Exploits0References1
OSV
OSV
added 2025/10/03 5:28 p.m.12 views

CVE-2025-61593 Cursor CLI Agent: Sensitive File Overwrite Bypass

Cursor is a code editor built for programming with AI. In versions 1.7 and below, a vulnerability in the way Cursor CLI Agent protects its sensitive files i.e. /.cursor/cli.json allows attackers to modify the content of the files through prompt injection, thus achieving remote code execution. A...

7.1CVSS8.2AI score0.00381EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/04/15 12:15 p.m.5 views

CVE-2025-30964

Server-Side Request Forgery SSRF vulnerability in ThemeGoods Photography photography allows Server Side Request Forgery.This issue affects Photography: from n/a through 7.7.6...

6.8AI score0.00208EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 9:30 p.m.11 views

CVE-2022-2218

Cross-site Scripting XSS - Stored in GitHub repository ionicabizau/parse-url prior to 7.0.0...

9.1CVSS5.8AI score0.00863EPSS
Exploits1References1
OSV
OSV
added 2022/06/02 2:15 p.m.8 views

AZL-9877 CVE-2022-27782 affecting package curl for versions less than 7.83.1-1

libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH...

7.5CVSS6.7AI score0.02596EPSS
Exploits1References1
Rows per page
Query Builder