Lucene search
+L

99 matches found

NVD
NVD
added 2025/10/03 7:15 p.m.8 views

CVE-2025-57714

An unquoted search path or element vulnerability has been reported to affect NetBak Replicator. If a local attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: NetBak...

8.5CVSS0.00205EPSS
Exploits0References1
CVE
CVE
added 2025/09/22 8:45 a.m.16 views

CVE-2025-8079

CVE-2025-8079 concerns Akıllı Ticaret Software Technologies Ltd. Co. Smart Trade E-Commerce, with a vulnerability prior to version 4.5.0.0.1: improper neutralization of input during web page generation that leads to Reflected XSS. The issue affects Smart Trade E-Commerce before 4.5.0.0.1 and is d...

4.6CVSS5.4AI score0.00221EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/22 12:0 a.m.5 views

WordPress plugin Save as PDF 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A cross-site...

6.5CVSS5.7AI score0.00196EPSS
Exploits0References1
CVE
CVE
added 2025/09/14 5:3 p.m.30 views

CVE-2025-6051

CVE-2025-6051 is a ReDoS in Hugging Face Transformers’ EnglishNormalizer.normalize_numbers(), affecting versions up to 4.52.4 and fixed in 4.53.0. The issue arises from numeric string handling, enabling crafted inputs with long digit sequences to cause excessive CPU usage, impacting text-to-speec...

5.3CVSS6.5AI score0.00349EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/05/28 12:0 a.m.3 views

Avast Business Antivirus 安全漏洞

Avast Business Antivirus is a commercial network antivirus from Avast. A security vulnerability exists in Avast Business Antivirus version 4.5, which stems from insufficient file validation and could lead to tampering of update files...

7.3CVSS6.6AI score0.00177EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/26 12:0 a.m.5 views

llisoft MTA Maita Training System 注入漏洞

The llisoft MTA Maita Training System is a training system from China Dongke llisoft. An injection vulnerability exists in version 4.5 of the llisoft MTA Maita Training System, which results from an SQL injection due to the operation of the parameter stTypeIds...

9.8CVSS7AI score0.00351EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/02/21 12:0 a.m.4 views

PT-2025-7515 · WordPress · Wp-Appbox

Name of the Vulnerable Software and Affected Versions: WP-Appbox plugin for WordPress versions up to, and including, 4.5.4 Description: The issue is related to Stored Cross-Site Scripting via the plugin's appbox shortcode due to insufficient input sanitization and output escaping on user-supplied...

6.4CVSS8AI score0.00278EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/01/17 12:0 a.m.6 views

ETIC Telecom Remote Access Server 安全漏洞

ETIC Telecom Remote Access Server is a remote maintenance solution from the French company ETIC Telecom. It is designed to enable manufacturers to maintain automated equipment remotely. A security vulnerability exists in ETIC Telecom Remote Access Server versions prior to 4.5.0, which stems from...

8.6CVSS6.5AI score0.00231EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/12/06 9:57 p.m.10 views

WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin Online Booking & Scheduling Calendar for WordPress by vcita versions = 4.5.1...

5.4CVSS5.8AI score0.0025EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/11/04 10:15 p.m.6 views

DEBIAN-CVE-2024-51744

golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by...

3.1CVSS6.3AI score0.00521EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.5 views

IBOS 安全漏洞

IBOS is a collaborative office management system open-sourced by IBOS China. A security vulnerability exists in IBOS version 4.5.5, which stems from the existence of an arbitrary file deletion vulnerability that can be deleted via systemmodulesdashboardcontrollersLoginController.php...

9.1CVSS6.8AI score0.00444EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/10/06 12:0 a.m.6 views

WordPress plugin GEO my WordPress 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6.2AI score0.00302EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/29 12:0 a.m.5 views

Super 8 安全漏洞

Super 8 is a one-stop social chat software from China-based Super 8. A security vulnerability exists in Super 8 4.5.0 and prior versions, which stems from the presence of a cross-site scripting XSS vulnerability...

6.1CVSS6AI score0.00425EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/23 12:0 a.m.5 views

Meross MSH30Q Security Vulnerability

The Meross MSH30Q is a smart Wi-Fi hub from Meross. A security vulnerability exists in the Meross MSH30Q version 4.5.23, which stems from vulnerability to replay attacks, where an attacker can record and replay previously captured communications to perform unauthorized commands or actions...

8.8CVSS6.9AI score0.0028EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/03 12:0 a.m.4 views

CBOR Security Breach

CBOR is a C implementation of the Concise Binary Object Representation by the individual developer Peter Occil. A security vulnerability exists in CBOR versions 4.0.0 through 4.5.0, which stems from the use of an inefficient algorithm that makes it susceptible to denial-of-service attacks when...

7.5CVSS6.7AI score0.01061EPSS
Exploits0References7
OSV
OSV
added 2023/12/29 10:15 a.m.6 views

CVE-2023-51420

Improper Control of Generation of Code 'Code Injection' vulnerability in Soft8Soft LLC Verge3D Publishing and E-Commerce.This issue affects Verge3D Publishing and E-Commerce: from n/a through 4.5.2...

8.8CVSS5.8AI score0.00579EPSS
Exploits0References1
OSV
OSV
added 2023/11/09 6:15 p.m.8 views

CVE-2023-46614

Cross-Site Request Forgery CSRF vulnerability in Mat Bao Corp WP Helper Premium plugin = 4.5.1 versions...

8.8CVSS7.3AI score0.00256EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/01 12:0 a.m.5 views

BigTree CMS 安全漏洞

BigTree CMS is a content management system. A cross-site scripting vulnerability exists in BigTree CMS version v4.5.7, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by a remote attacker to execute arbitrary code via ID...

5.4CVSS6.9AI score0.00613EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/09/01 12:0 a.m.6 views

IBOS SQL Injection Vulnerability

IBOS is a collaborative office management system. An SQL injection vulnerability exists in IBOS OA version 4.5.5, which stems from the fact that incorrect manipulation of the touid in the addComment function of ?r=weibo/comment/addcomment can lead to SQL injection...

8.8CVSS7.9AI score0.00702EPSS
Exploits1References4
OSV
OSV
added 2023/08/26 7:15 a.m.4 views

CVE-2023-4545

A vulnerability was found in IBOS OA 4.5.5. It has been classified as critical. Affected is an unknown function of the file ?r=recruit/bgchecks/export&checkids=x. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public an...

9.8CVSS6.4AI score0.00744EPSS
Exploits1References3
Rows per page
Query Builder