Lucene search
K

12 matches found

NVD
NVD
added yesterday3 views

CVE-2026-57391

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tangible Loops & Logic tangible-loops-and-logic allows Stored XSS.This issue affects Loops & Logic: from n/a through = 4.2.3...

6.5CVSS0.00235EPSS
Exploits0References1
Patchstack
Patchstack
added 6 days ago4 views

WordPress Loops & Logic plugin <= 4.2.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by ParkHyunWoo in WordPress Plugin Loops & Logic versions = 4.2.3...

6.5CVSS6.1AI score0.00235EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/04/11 1:24 a.m.34 views

CVE-2026-5226 Optimole <= 4.2.3 - Reflected Cross-Site Scripting via Page Profiler URL

The Optimole – Optimize Images in Real Time plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL paths in versions up to, and including, 4.2.3 This is due to insufficient output escaping on user-supplied URL paths in the getcurrenturl function, which are inserted into...

6.1CVSS0.00495EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/04/11 12:0 a.m.17 views

PT-2026-32092

The Optimole – Optimize Images in Real Time plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL paths in versions up to, and including, 4.2.3 This is due to insufficient output escaping on user-supplied URL paths in the get current url function, which are inserted into...

6.1CVSS6AI score0.00495EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2025/03/06 2:15 p.m.8 views

CVE-2025-0877

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in AtaksAPP Reservation Management System allows Cross-Site Scripting XSS. This issue affects Reservation Management System: before 4.2.3...

4.7CVSS5.4AI score0.00276EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/01/07 12:0 a.m.6 views

pgAgent 安全漏洞

pgAgent is an open source job scheduler for PostgreSQL from the pgAdmin Project. A security vulnerability exists in pgAgent versions prior to 4.2.3 that stems from insufficient initialization of the random number generator used to generate directory names, which allows a local attacker to...

7.1CVSS5.2AI score0.00171EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/15 12:0 a.m.7 views

TAIWAN-CA(TWCA) JCICSecurityTool Input Validation Error Vulnerability

TAIWAN-CATWCA JCICSecurityTool is an application from Taiwan Web Certification TWCA. An input validation error vulnerability exists in TAIWAN-CATWCA JCICSecurityTool version v4.2.3.32, which stems from insufficient filtering of special characters in registry-related functions, and can be exploite...

8.8CVSS6.2AI score0.0103EPSS
Exploits0References2
OSV
OSV
added 2022/03/11 6:15 p.m.8 views

CVE-2022-25600

Cross-Site Request Forgery CSRF vulnerability affecting Delete Marker Category, Delete Map, and Copy Map functions in WP Google Map plugin versions = 4.2.3...

8.8CVSS5.5AI score0.00559EPSS
Exploits0References5
OSV
OSV
added 2020/10/19 7:15 p.m.2 views

CVE-2020-24375

A DNS rebinding vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3...

6.5CVSS5.8AI score0.01063EPSS
Exploits1References2
CNVD
CNVD
added 2017/06/29 12:0 a.m.2 views

Multiple SQL Injection Vulnerabilities in Ranzhi Collaboration Office Management System

RANZI Coworking Management System is an open source coworking system for small and medium-sized enterprises. Ranzhi Collaboration Office Management System version 4.2.3 has multiple SQL injection vulnerabilities, which can be exploited by attackers to obtain sensitive database information...

8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2015/10/05 12:0 a.m.10 views

PT-2015-6831 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.2.3 Description: The issue is related to an incorrect sequence of protocol-initialization steps in the sctp init function, which can cause a denial of service, resulting in a panic or memory corruption. This c...

10CVSS7.3AI score0.2593EPSS
Exploits72References480
CNVD
CNVD
added 2015/07/10 12:0 a.m.4 views

Fastspot BigTree 'admin.php' Script HTML Injection Vulnerability

Fastspot BigTree CMS is the United States Fastspot company based on PHP and MySQL open source content management system CMS. An HTML injection vulnerability exists in Fastspot BigTree CMS versions prior to 4.2.3, which stems from the program failing to adequately filter user-submitted input. When...

7.6AI score
Exploits0References1
Rows per page
Query Builder