Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

ATTACKERKB
ATTACKERKBadded 2026/02/03 6:38 a.m.2 views

CVE-2026-0617

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the customer profile fields in all versions up to, and including, 5.2.5 due to insufficient input sanitization and output escaping. This makes it possible for...

7.2CVSS5.6AI score0.00057EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/02/03 6:38 a.m.22 views

CVE-2026-0617 LatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.5 - Unauthenticated Stored Cross-Site Scripting

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the customer profile fields in all versions up to, and including, 5.2.5 due to insufficient input sanitization and output escaping. This makes it possible for...

7.2CVSS0.00057EPSS
Exploits0References5
Veracode
Veracodeadded 2025/12/13 4:43 a.m.3 views

Remote Code Execution

Mingsoft MCMS is a Java CMS. Versions prior to and including 5.2.5 contain a file upload vulnerability allowing for a jspx webshell to be uploaded via net.mingsoft.basic.action.web.FileActionupload, resulting in remote code execution. It is unclear if this issue has been patched...

9.8CVSS7.4AI score0.06397EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2023/08/22 12:0 a.m.4 views

PT-2023-11638 · Xz +2 · Xz +2

Name of the Vulnerable Software and Affected Versions: XZ version 5.2.5 Description: An issue in XZ allows attackers to cause a denial of service via decompression of a crafted file. The vendor disputes the claims of "endless output" and "denial of service" because decompression of a 17,486 bytes...

5.5CVSS6.8AI score0.00046EPSS
Exploits0References19
CNNVD
CNNVDadded 2023/08/22 12:0 a.m.3 views

XZ 安全漏洞

xz is a software application. It is used to support reading and writing xz compressed streams. A security vulnerability exists in XZ Utils version 5.2.5, which stems from a vulnerability that allows an attacker to cause a denial of service by unzipping specially crafted files...

5.5CVSS5.7AI score0.00046EPSS
Exploits0References8
OSV
OSVadded 2022/03/03 7:15 p.m.1 views

CVE-2022-23899

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java...

9.8CVSS5.8AI score0.00245EPSS
Exploits1References1
OSV
OSVadded 2022/03/03 7:15 p.m.0 views

CVE-2022-23898

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml...

9.8CVSS5.8AI score0.75534EPSS
Exploits1References1
CNNVD
CNNVDadded 2022/03/03 12:0 a.m.1 views

MingSoft Mcms SQL注入漏洞

MingSoft Mcms is China's MingFei MingSoft company's a complete open source J2ee system . A security vulnerability exists in MingSoft Mcms v5.2.5 that allows an attacker to perform a SQL injection attack via the search.do parameter in the file /web/MCmsAction.java. No details of the vulnerability...

9.8CVSS5.8AI score0.00245EPSS
Exploits1References2
CNNVD
CNNVDadded 2022/01/26 12:0 a.m.2 views

MingSoft MCMS 代码问题漏洞

MingSoft MCMS is a complete open source J2ee system from China's MingSoft. A code issue vulnerability exists in MingSoft MCMS, which stems from a file upload vulnerability in MCMS version =5.2.5. An attacker can exploit this vulnerability to execute arbitrary code remotely...

9.8CVSS8.8AI score0.06397EPSS
Exploits1References2
Rows per page
Query Builder