Lucene search
K

7 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/20 1:26 a.m.3 views

CVE-2026-32711

pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the File-set root. pydicom resolves the path only to confirm that it exists, b...

7.8CVSS5.8AI score0.00279EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 10:55 a.m.8 views

CVE-2022-23316

An issue was discovered in taoCMS v3.0.2. There is an arbitrary file read vulnerability that can read any files via admin.php?action=file=download=../../1.txt...

4.9CVSS7AI score0.01017EPSS
Exploits1References1
NVD
NVD
added 2025/12/09 4:18 p.m.3 views

CVE-2025-62090

Missing Authorization vulnerability in Jegstudio Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons gutenverse-news allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons:...

6.5CVSS0.00212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:43 p.m.7 views

CVE-2022-41474

RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily change the password of any account...

6.5CVSS7.7AI score0.00298EPSS
Exploits1References1
OSV
OSV
added 2023/09/14 5:15 p.m.1 views

UBUNTU-CVE-2023-36250

CSV Injection vulnerability in GNOME time tracker version 3.0.2, allows local attackers to execute arbitrary code via crafted .tsv file when creating a new record...

7.8CVSS6.2AI score0.00556EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/02/21 8:50 a.m.4 views

CVE-2022-4761 Post Views Count <= 3.0.2 - Contributor+ Stored XSS in Shortcode

The Post Views Count WordPress plugin through 3.0.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.8AI score0.00627EPSS
Exploits2References1
OSV
OSV
added 2019/07/09 7:15 p.m.5 views

DEBIAN-CVE-2019-13464

An issue was discovered in OWASP ModSecurity Core Rule Set CRS 3.0.2. Use of X.Filename instead of XFilename can bypass some PHP Script Uploads rules, because PHP automatically transforms dots into underscores in certain contexts where dots are invalid...

7.5CVSS7.7AI score0.01466EPSS
Exploits1References1
Rows per page
Query Builder