Lucene search
K

9 matches found

Cvelist
Cvelist
โ€ขadded 2026/04/02 12:14 a.m.โ€ข25 views

CVE-2026-1243 IBM Content Navigator is affected by , a Cross-Site Scripting (XSS) vulnerability

IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS0.00207EPSS
Exploits0References1
Positive Technologies
Positive Technologies
โ€ขadded 2026/04/02 12:0 a.m.โ€ข9 views

PT-2026-29656

IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References2
CVE
CVE
โ€ขadded 2026/02/03 3:14 p.m.โ€ข18 views

CVE-2026-23795

CVE-2026-23795 describes an XML External Entity (XXE) vulnerability in the Apache Syncope Console. An administrator with sufficient entitlements to create or edit Keymaster parameters can craft malicious XML text to trigger XXE, potentially leaking sensitive data. Affected versions: Apache Syncop...

4.9CVSS5.2AI score0.00827EPSS
Exploits0References2Affected Software1
EUVD
EUVD
โ€ขadded 2025/10/14 2:8 p.m.โ€ข6 views

EUVD-2025-34214

IBM Content Navigator 3.0.11, 3.0.15, 3.1.0, and 3.2.0 could expose the directory listing of the application upon using an application URL. Application files and folders are visible in the browser to a user; however, the contents of the files cannot be read obtained or modified...

5.3CVSS6AI score0.00279EPSS
Exploits0References2
Patchstack
Patchstack
โ€ขadded 2025/08/17 2:53 a.m.โ€ข7 views

WordPress Jenga Payment Gateway for WooCommerce plugin <= 3.0.15 - SQL Injection vulnerability

SQL Injection vulnerability discovered by 0se1do in WordPress Plugin Jenga Payment Gateway for WooCommerce versions = 3.0.15...

5.3CVSS7.8AI score0.00275EPSS
Exploits0Affected Software1
OSV
OSV
โ€ขadded 2025/04/02 3:15 p.m.โ€ข2 views

CVE-2024-56341

IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.1AI score0.00213EPSS
Exploits0References1
Positive Technologies
Positive Technologies
โ€ขadded 2024/11/19 12:0 a.m.โ€ข12 views

PT-2024-35035 ยท Unknown ยท Imforza Wp Listings Pro

Name of the Vulnerable Software and Affected Versions: imFORZA WP Listings Pro versions prior to 3.0.15 Description: The issue is related to improper neutralization of input during web page generation, which leads to a Cross-site Scripting XSS vulnerability, specifically Stored XSS. This allows...

6.5CVSS6.2AI score0.00302EPSS
Exploits0References3
CNVD
CNVD
โ€ขadded 2018/05/22 12:0 a.m.โ€ข7 views

BaserCMS Cross-Site Scripting Vulnerability (CNVD-2018-15279)

baserCMS is an enterprise-level content management system CMS. A cross-site scripting vulnerability exists in baserCMS versions 4.1.0.1 and earlier and 3.0.15 and earlier. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

6.1CVSS6.2AI score0.00842EPSS
Exploits0References1
CNVD
CNVD
โ€ขadded 2017/07/18 12:0 a.m.โ€ข2 views

FreeRADIUS 'make_secret()' Letter Denial of Service Vulnerability

FreeRADIUS is a set of software that implements the RADIUS protocol from the FreeRADIUS Server project. The software is mainly used for account authentication management, bookkeeping management and Internet account management, etc. and contains a Radius server, a client library for BSD protocol...

7.5CVSS6.9AI score0.03001EPSS
Exploits0References1
Rows per page
Query Builder