Lucene search
+L

7 matches found

NVD
NVD
added 2026/03/24 5:16 a.m.4 views

CVE-2026-3138

The Product Filter for WooCommerce by WBW plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check in all versions up to, and including, 3.1.2. This is due to the plugin's MVC framework dynamically registering unauthenticated AJAX handlers via wpajaxnopriv...

6.5CVSS0.00273EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/07/18 12:0 a.m.4 views

MRCMS 安全漏洞

MRCMS is a content management system by the individual developers at marker. A security vulnerability exists in MRCMS version 3.1.2, which stems from mishandling of the component /admin/group/save.do, which could lead to a cross-site scripting attack...

4.8CVSS6AI score0.00188EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 9:46 a.m.7 views

CVE-2024-25428

SQL Injection vulnerability in MRCMS v3.1.2 allows attackers to run arbitrary system commands via the status parameter...

6.5CVSS8.3AI score0.00395EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:3 a.m.7 views

CVE-2014-100021

Cross-site scripting XSS vulnerability in symfony/web/index.php/pim/viewEmployeeList in OrangeHRM before 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the empsearchemployeenameempId parameter...

4.3CVSS5.9AI score0.0122EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/23 12:22 a.m.16 views

CVE-2025-25768

MRCMS v3.1.2 was discovered to contain a server-side template injection SSTI vulnerability in the component \servlet\DispatcherServlet.java. This vulnerability allows attackers to execute arbitrary code via a crafted payload...

5.4CVSS8.3AI score0.00326EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/02/21 12:0 a.m.30 views

CVE-2025-25768

MRCMS v3.1.2 was discovered to contain a server-side template injection SSTI vulnerability in the component \servlet\DispatcherServlet.java. This vulnerability allows attackers to execute arbitrary code via a crafted payload...

0.00326EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/01/04 12:0 a.m.3 views

CVE-2023-50082

Aoyun Technology pbootcms V3.1.2 is vulnerable to Incorrect Access Control, allows remote attackers to gain sensitive information via session leakage allows a user to avoid logging into the backend management platform...

7.8AI score0.00606EPSS
Exploits1References2
Rows per page
Query Builder