Lucene search
K

7 matches found

NVD
NVD
added 2026/05/05 7:16 a.m.34 views

CVE-2026-40797

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saleswonder LLC WebinarIgnition allows Blind SQL Injection. This issue affects WebinarIgnition: from n/a through 4.08.253...

9.3CVSS0.00339EPSS
Exploits0References1
NVD
NVD
added 2026/01/08 4:15 p.m.10 views

CVE-2025-67090

The LuCI web interface on Gl Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. Fix available in version 4.8.2 GL.Inet AX1800 Version 4.6.4 & 4.6.8 lacks rate limiting or account lockout mechanisms on the authentication endpoint /cgi-bin/luci. An unauthenticated attacker on the local netwo...

5.1CVSS0.00214EPSS
Exploits1References3
EUVD
EUVD
added 2025/12/09 6:30 p.m.3 views

EUVD-2025-202122

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NooTheme Jobmonster noo-jobmonster allows PHP Local File Inclusion.This issue affects Jobmonster: from n/a through = 4.8.2...

6.6AI score0.00385EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.5 views

WordPress plugin Backup, Restore and Migrate your sites with XCloner 跨站请求伪造漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. The WordPress plug...

4.3CVSS6.6AI score0.00106EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/22 12:0 a.m.3 views

PT-2025-4966 · Unknown · Eelv-Newsletter

Name of the Vulnerable Software and Affected Versions: EELV Newsletter versions prior to 4.8.2 Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows Reflected XSS. This enables an attacker to inject...

7.1CVSS9.3AI score0.00396EPSS
Exploits0References3
CNVD
CNVD
added 2017/09/25 12:0 a.m.6 views

WordPress oEmbed discovery cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on servers with PHP and MySQL. oEmbed discovery is one of the oEmbed search plugin. A cross-site scripting vulnerability exists in oEmbed...

6.1CVSS7.1AI score0.02859EPSS
Exploits0References1
OSV
OSV
added 2017/09/23 8:29 p.m.2 views

DEBIAN-CVE-2017-14721

Before version 4.8.2, WordPress allowed Cross-Site scripting in the plugin editor via a crafted plugin name...

6.1CVSS6.5AI score0.02136EPSS
Exploits0References1
Rows per page
Query Builder