Lucene search
K

11 matches found

EUVD
EUVD
added 2026/03/25 6:31 p.m.5 views

EUVD-2026-15534

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in G5Theme Handmade Framework handmade-framework allows Reflected XSS.This issue affects Handmade Framework: from n/a through = 3.9...

7.1CVSS5.8AI score0.0023EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/13 9:31 p.m.7 views

EUVD-2026-11872

Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMS Alert Order Notifications: from n/a through = 3.9.0...

5.8AI score0.00209EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.7 views

WordPress plugin Tutor LMS 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.1CVSS5.8AI score0.00345EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.5 views

JeecgBoot 授权问题漏洞

JeecgBoot is a Java low-code platform for enterprise web applications from China National Torch Jeecg. An authorization issue vulnerability exists in JeecgBoot 3.9.0 and earlier versions, which stems from a vulnerability in the file...

8.1CVSS6.4AI score0.00303EPSS
Exploits1References6
OSV
OSV
added 2025/12/11 5:15 p.m.4 views

CVE-2025-66043

Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 3...

9.8CVSS6.5AI score
Exploits0References1
Cvelist
Cvelist
added 2025/05/16 3:45 p.m.43 views

CVE-2025-39481 WordPress Eventer plugin < 3.11.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in imithemes Eventer eventer allows Blind SQL Injection.This issue affects Eventer: from n/a through 3.11.4...

9.3CVSS0.00443EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/15 12:10 a.m.22 views

CVE-2025-28056

rebuild v3.9.0 through v3.9.3 has a SQL injection vulnerability in /admin/admin-cli/exec component...

9.8CVSS7.9AI score0.00377EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/04/01 2:51 p.m.3 views

CVE-2025-31806 WordPress Webling plugin <= 3.9.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in uSystems Webling webling allows Stored XSS.This issue affects Webling: from n/a through = 3.9.0...

5.9CVSS7.2AI score0.00347EPSS
Exploits0References1
OSV
OSV
added 2025/03/20 12:0 a.m.11 views

DLA-4087-1 python3.9 - security update

Bulletin has no description...

7.5CVSS6.7AI score0.08325EPSS
Exploits1
CNNVD
CNNVD
added 2025/02/06 12:0 a.m.4 views

Humming Heads Defense Platform 安全漏洞

Humming Heads Defense Platform is a network security software from Humming Heads, Inc. A security vulnerability exists in Humming Heads Defense Platform Ver.3.9.51.x and prior versions that originated from a vulnerability that allows an attacker to send a specially crafted message to modify syste...

6.5CVSS6.9AI score0.00139EPSS
Exploits0References2
OSV
OSV
added 2019/05/20 4:29 p.m.6 views

CVE-2019-12215

A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user can trigger a particular error to discover the full path of Matomo on the disk, because lastError.file is used in plugins/CorePluginsAdmin/templates/safemode.twig. NOTE: the vendor disputes the significance of this...

4.3CVSS4.6AI score
Exploits0References1
Rows per page
Query Builder