Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.7 views

PT-2026-31305

Name of the Vulnerable Software and Affected Versions Page Builder: Pagelayer plugin for WordPress versions up to and including 2.0.8 Description The Page Builder: Pagelayer plugin for WordPress is susceptible to Stored Cross-Site Scripting via the Button widget's Custom Attributes field. This is...

6.4CVSS5.9AI score0.00345EPSS
Exploits0References7
OSV
OSV
added 2025/05/21 5:43 p.m.6 views

CVE-2025-48069 ejson2env has insufficient input sanitization

ejson2env allows users to decrypt EJSON secrets and export them as environment variables. Prior to version 2.0.8, the ejson2env tool has a vulnerability related to how it writes to stdout. Specifically, the tool is intended to write an export statement for environment variables and their values...

6.6CVSS7.3AI score0.01334EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/06/22 12:0 a.m.5 views

PT-2023-3650 · Unknown · Spidercontrol Scada Web Server

Name of the Vulnerable Software and Affected Versions: SpiderControl SCADA Webserver versions 2.08 and prior Description: The issue exists due to incorrect restriction of the path name to a directory with limited access. Exploitation of this issue may allow a remote attacker to cause a...

6.5CVSS7.5AI score0.01049EPSS
Exploits0References7
OSV
OSV
added 2018/06/29 12:35 p.m.6 views

SUSE-SU-2018:1850-1 Security update for python-paramiko

This update for python-paramiko to version 2.0.8 fixes the following issues: - CVE-2018-7750: transport.py in the SSH server implementation of Paramiko did not properly check whether authentication is completed processing other requests. A customized SSH client could have skipped the authenticati...

9.8CVSS9.5AI score0.27065EPSS
Exploits10References3
VulnCheck KEV
VulnCheck KEV
added 2009/08/06 12:0 a.m.4 views

VulnCheck KEV: CVE-2009-3041

SPIP 1.9 before 1.9.2i and 2.0.x through 2.0.8 does not use proper access control for 1 ecrire/exec/install.php and 2 ecrire/index.php, which allows remote attackers to conduct unauthorized activities related to installation and backups, as exploited in the wild in August 2009...

7.5CVSS5.8AI score0.06589EPSS
Exploits2References1
Rows per page
Query Builder