Lucene search
K

9 matches found

CVE
CVE
added 2025/12/26 12:0 a.m.19 views

CVE-2025-57403

Cola Dnslog v1.3.2 is affected by a Directory Traversal vulnerability in the DNS TXT query handling. The root cause is the application concatenating the requested URL (or a portion) with a base path via os.path.join, allowing directory traversal or absolute path injection and potentially exposing...

7.5CVSS6.4AI score0.00962EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/12/26 12:0 a.m.29 views

CVE-2025-57403

Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL or a portion of it directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading to th...

0.00962EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/05/20 12:0 a.m.5 views

PT-2024-26268 · Taurusxin · Ncmdump

Name of the Vulnerable Software and Affected Versions: taurusxin ncmdump version 1.3.2 Description: The issue allows attackers to cause a Denial of Service DoS via memory exhaustion by supplying a crafted .ncm file. Recommendations: For version 1.3.2, consider avoiding the use of crafted .ncm fil...

7.5CVSS7.1AI score0.00642EPSS
Exploits0References9
Patchstack
Patchstack
added 2024/05/17 12:0 a.m.7 views

WordPress Popup4Phone Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS)

Software Popup4Phone Type Plugin Vulnerable versions = 1.3.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3231 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3a2ba7555452 Credits Bob Matyas Required...

6.1CVSS5.6AI score0.00684EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2023/11/07 12:0 a.m.9 views

WordPress ARI Stream Quiz Plugin <= 1.3.2 is vulnerable to Content Injection

Software ARI Stream Quiz Type Plugin Vulnerable versions = 1.3.2 Fixed in 1.3.3 OWASP Top 10 A5: Broken Access Control Classification Content Injection CVE CVE-2023-47513 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 942a7b806fcf Credits Abdi Pranata Required privilege...

5.4CVSS6.6AI score0.00357EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/10/30 12:0 a.m.13 views

WordPress Grid Plus Plugin <= 1.3.2 is vulnerable to Broken Access Control

Software Grid Plus Type Plugin Vulnerable versions = 1.3.2 Fixed in 1.3.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-34014 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID dd240d0353de Credits Abdi Pranata Required privilege...

6.5AI score0.00421EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/06/23 12:0 a.m.8 views

WordPress Balkon Theme <= 1.3.2 is vulnerable to Cross Site Scripting (XSS)

Software Balkon Type Theme Vulnerable versions = 1.3.2 Fixed in 1.3.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-36502 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 90ca41d6439b Credits RE-ALTER Required privilege...

7.1CVSS5.6AI score0.00402EPSS
Exploits0References1Affected Software1
PyPA
PyPA
added 2022/02/01 2:15 p.m.6 views

PYSEC-2022-36

Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed in a non-trivial way. Users should upgrade to Apache Superset 1.4.0 or higher...

6.5CVSS6.7AI score0.07863EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/01/08 12:0 a.m.2 views

ImageWorsener Denial of Service Vulnerability

ImageWorsener is a set of image scaling and processing utilities. A security vulnerability exists in the 'getrawsampleint' function in the imagew-main.c file of the libimageworsener.a file in ImageWorsener version 1.3.2. When libjpeg 8d is used, an attacker can exploit this vulnerability to cause...

5.3CVSS6.7AI score0.00891EPSS
Exploits1References1
Rows per page
Query Builder