Lucene search
K

8 matches found

Snyk
Snyk
added 2026/04/14 11:41 p.m.4 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the VerifyTimestampResponse function when a forged certificate is prepended to the certificate bag. An attacker can bypass authorization checks by supplying a payload where the signature is validated...

6.7CVSS5.3AI score0.00099EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 10:41 a.m.7 views

CVE-2022-26301

TuziCMS v2.0.6 was discovered to contain a SQL injection vulnerability via the component App\Manage\Controller\ZhuantiController.class.php...

9.8CVSS8.3AI score0.01064EPSS
Exploits1References1
CVE
CVE
added 2025/04/17 3:47 p.m.45 views

CVE-2025-32634

CVE-2025-32634 describes a Reflected XSS in the WordPress plugin Run Contests, Raffles, and Giveaways with ContestsWP (versions n/a through 2.0.6). The vulnerability arises from improper input neutralization during web page generation. Affected software is ContestsWP communications for Run Contes...

7.1CVSS7.2AI score0.00257EPSS
Exploits0References1
OSV
OSV
added 2023/03/31 10:15 p.m.4 views

CVE-2022-47190

Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a firmware file containing a webshell that could allow him to execute arbitrary code as root...

9.8CVSS6.1AI score0.0157EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/01/18 12:0 a.m.3 views

inxedu SQL注入漏洞

Inxedu inxedu is a set of open source online education platform of China Inxedu Inxedu company. The platform includes an online school system, a live broadcasting system, an examination system and a marketing website. SQL injection vulnerability exists in inxedu version 2.0.6, the vulnerability...

9.8CVSS8.6AI score0.13561EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/11/23 12:0 a.m.5 views

PT-2022-27525 · Unknown · Alarm Instance Management

Name of the Vulnerable Software and Affected Versions: Alarm instance management versions prior to 2.0.6 Description: The issue is related to command injection in alarm instance management when a specific command is configured, affecting only logged-in users. Recommendations: For versions prior t...

9.8CVSS7.7AI score0.02773EPSS
Exploits0References13
OSV
OSV
added 2021/09/13 6:15 p.m.2 views

CVE-2021-24726

The WP Simple Booking Calendar WordPress plugin before 2.0.6 did not escape, validate or sanitise the orderby parameter in its Search Calendars action, before using it in a SQL statement, leading to an authenticated SQL injection issue...

8.8CVSS7.3AI score
Exploits0References2
CNVD
CNVD
added 2020/10/28 12:0 a.m.5 views

Blueman Injection Vulnerability

Blueman is a graphical Bluetooth management tool for the GNOME desktop environment from the Blueman team. The main functions are: sending files, browsing files on the device, viewing information about local or remote devices, configuring local devices, managing bindings, binding services, etc...

7.1CVSS7AI score0.04539EPSS
Exploits4References1
Rows per page
Query Builder