Lucene search
K

221 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added last week9 views

Malicious code in visa-cli-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0e8f566e285de1eec2c3cae07b0faaa8828080a4e1fed7e76e1fe43dfa571ec Package presents as an internal-looking corporate tooling name 'visa-cli-tools' published at an inflated version 99.9.1 — the canonical...

6.2AI score
Exploits0References2
NVD
NVD
added 2026/06/19 4:16 p.m.13 views

CVE-2017-20255

Joomla! Component JB Visa 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the visatype parameter. Attackers can send GET requests to index.php with the option=combookpro and view=popup parameter...

8.8CVSS0.00334EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/19 3:27 p.m.32 views

CVE-2017-20255 Joomla! Component JB Visa 1.0 SQL Injection via visatype

Joomla! Component JB Visa 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the visatype parameter. Attackers can send GET requests to index.php with the option=combookpro and view=popup parameter...

8.8CVSS0.00334EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/19 3:27 p.m.6 views

EUVD-2017-18982

Joomla! Component JB Visa 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the visatype parameter. Attackers can send GET requests to index.php with the option=combookpro and view=popup parameter...

8.8CVSS6.3AI score0.00334EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/19 3:27 p.m.9 views

CVE-2017-20255

Joomla! Component JB Visa 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the visatype parameter. Attackers can send GET requests to index.php with the option=combookpro and view=popup parameter...

8.8CVSS6.3AI score0.00334EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/06/19 3:27 p.m.15 views

CVE-2017-20255

This CVE affects the Joomla! extension JB Visa 1.0. The vulnerability is an SQL injection in the visatype parameter that can be exploited via GET requests to index.php with option=com_bookpro and view=popup, allowing unauthenticated attackers to extract sensitive data (credentials and table conte...

8.8CVSS6.3AI score0.00334EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.19 views

PT-2026-50932

Name of the Vulnerable Software and Affected Versions Joomla! Component JB Visa version 1.0 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by injecting malicious code into the visatype parameter via GET requests to the 'index.php'...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References7
EUVD
EUVD
added 2026/04/22 9:31 p.m.12 views

EUVD-2026-22853

The Visa Acceptance Solutions plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.1.0. This is due to the expresspayproductpagepayfororder function logging users in based solely on a user-supplied billing email address during guest checkout for...

9.8CVSS5.6AI score0.00475EPSS
Exploits0References6
Patchstack
Patchstack
added 2026/04/15 1:21 p.m.5 views

WordPress Visa Acceptance Solutions plugin <= 2.1.0 - Unauthenticated Authentication Bypass via Billing Email vulnerability

Unauthenticated Authentication Bypass via Billing Email vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin Visa Acceptance Solutions versions = 2.1.0...

9.8CVSS5.8AI score0.00475EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/04/15 9:16 a.m.6 views

CVE-2026-3461

The Visa Acceptance Solutions plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.1.0. This is due to the expresspayproductpagepayfororder function logging users in based solely on a user-supplied billing email address during guest checkout for...

9.8CVSS0.00475EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/15 8:28 a.m.2 views

CVE-2026-3461

The Visa Acceptance Solutions plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.1.0. This is due to the expresspayproductpagepayfororder function logging users in based solely on a user-supplied billing email address during guest checkout for...

9.8CVSS5.6AI score0.00475EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/15 8:28 a.m.39 views

CVE-2026-3461 Visa Acceptance Solutions <= 2.1.0 - Unauthenticated Authentication Bypass via Billing Email

The Visa Acceptance Solutions plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.1.0. This is due to the expresspayproductpagepayfororder function logging users in based solely on a user-supplied billing email address during guest checkout for...

9.8CVSS0.00475EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/15 8:28 a.m.12 views

CVE-2026-3461 Visa Acceptance Solutions <= 2.1.0 - Unauthenticated Authentication Bypass via Billing Email

The Visa Acceptance Solutions plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.1.0. This is due to the expresspayproductpagepayfororder function logging users in based solely on a user-supplied billing email address during guest checkout for...

9.8CVSS5.6AI score0.00475EPSS
Exploits0References5
CVE
CVE
added 2026/04/15 8:28 a.m.22 views

CVE-2026-3461

The CVE concerns the Visa Acceptance Solutions WordPress plugin (

9.8CVSS5.6AI score0.00475EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.9 views

PT-2026-33018

Name of the Vulnerable Software and Affected Versions Visa Acceptance Solutions versions prior to 2.1.1 Description The Visa Acceptance Solutions plugin for WordPress allows unauthenticated attackers to log in as any existing user, including administrators. This occurs because the express pay...

9.8CVSS5.2AI score0.00475EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.10 views

WordPress plugin Visa Acceptance Solutions 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

9.8CVSS5.8AI score0.00475EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/19 7:32 a.m.6 views

CVE-2025-59134

Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigration law, Visa services support, Migration Agent Consulting immiex allows Privilege Escalation.This issue affects Sale! Immigration law, Visa services support, Migration Agent Consulting: from n/a through = 1.5.8...

8.8CVSS7AI score0.00307EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 2:32 p.m.4 views

CVE-2025-64464 Out-of-Bounds Read in lvre!VisaWriteFromFile() in NI LabVIEW

There is an out of bounds read vulnerability in NI LabVIEW in lvre!VisaWriteFromFile when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. Th...

8.5CVSS6.8AI score0.00132EPSS
Exploits0References1
NVD
NVD
added 2025/12/18 8:16 a.m.4 views

CVE-2025-59134

Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigration law, Visa services support, Migration Agent Consulting immiex allows Privilege Escalation.This issue affects Sale! Immigration law, Visa services support, Migration Agent Consulting: from n/a through = 1.5.8...

8.8CVSS0.00307EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/18 7:21 a.m.4 views

EUVD-2025-204144

Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigration law, Visa services support, Migration Agent Consulting immiex allows Privilege Escalation.This issue affects Sale! Immigration law, Visa services support, Migration Agent Consulting: from n/a through = 1.5.8...

8.8CVSS6.5AI score0.00307EPSS
Exploits0References2
Rows per page
Query Builder