Lucene search
K

28 matches found

Vulnrichment
Vulnrichment
added 2026/06/09 4:48 p.m.7 views

CVE-2026-48265 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00283EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 12:16 a.m.8 views

CVE-2026-10586

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.1.3 via the saveaigeneratedimage function. This makes it possible for authenticated attackers, with Author-level...

7.2CVSS0.00213EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Traccar 安全漏洞

Traccar is a Java-based website building system provided by the American company Traccar. This software supports over 170 GPS protocols and over 1500 types of GPS tracking devices. Traccar can be used alongside any major SQL database systems. It also offers a user-friendly REST API. There were...

5.4CVSS5.8AI score0.00183EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/05/02 4:27 a.m.3 views

CVE-2026-4658

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the className, classHook, and blockId attributes in the Add to Cart block essential-blocks/add-to-cart in all versions up to, and including, 6.0.4. This...

6.4CVSS6AI score0.00419EPSS
Exploits0References11
EUVD
EUVD
added 2026/03/11 3:31 a.m.5 views

EUVD-2026-11023

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.8AI score0.0003EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.6 views

PT-2026-24541

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.8AI score0.0003EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.5 views

PT-2026-22742

Name of the Vulnerable Software and Affected Versions Django versions 4.2 before 4.2.29 Django versions 5.2 before 5.2.12 Django versions 6.0 before 6.0.3 Django versions 3.2.x and earlier Django versions 4.1.x and earlier Django versions 5.0.x and earlier Description A race condition exists in...

3.7CVSS5.9AI score0.00341EPSS
Exploits0References21
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.8 views

WordPress plugin Business Directory Plugin – Easy Listing Directories SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

7.5CVSS5.9AI score0.00432EPSS
Exploits0References4
CVE
CVE
added 2026/01/07 8:21 a.m.16 views

CVE-2025-13497

CVE-2025-13497 : The Recras WordPress plugin is affected by a Stored Cross‑Site Scripting (XSS) flaw via the shortcode attribute recrasname . The issue is exploitable by authenticated attackers with at least Contributor privileges to inject web scripts that execute when users visit the injected p...

6.4CVSS4.7AI score0.00243EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-8836

Malware in sbrugna...

7.5CVSS6.5AI score0.06889EPSS
Exploits1References15
OSV
OSV
added 2024/12/27 2:15 p.m.11 views

AZL-55715 CVE-2024-53170 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: block: fix uaf for flush rq while iterating tags blkmqclearflushrqmapping is not called during scsi probe, by checking blkqueueinitdone. However, QUEUEFLAGINITDONE is cleared in delgendisk by commit aec89dc5d421 "block: keep...

7.8CVSS6.5AI score0.00235EPSS
Exploits0References1
OSV
OSV
added 2024/12/10 10:15 p.m.3 views

CVE-2024-52860

Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user inpu...

5.4CVSS6AI score0.00737EPSS
Exploits0References1
OSV
OSV
added 2024/12/10 10:15 p.m.4 views

CVE-2024-52840

Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM element through a crafted URL or user inpu...

5.4CVSS6AI score0.00877EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/28 12:0 a.m.2 views

NetIQ Advanced Authentication 安全漏洞

NetIQ Advanced Authentication is an application from NetIQ UK. It provides a more secure way to protect your sensitive information by moving away from usernames and passwords. A security vulnerability exists in NetIQ Advanced Authentication versions prior to 6.3.5.1 that stems from an insufficien...

8.8CVSS6.5AI score0.00178EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.4 views

WordPress Plugin Site Reviews Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

6.4CVSS5.8AI score0.00551EPSS
Exploits0References4
OSV
OSV
added 2023/12/20 2:15 p.m.3 views

CVE-2023-51462

Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

5.4CVSS5.7AI score0.00379EPSS
Exploits0References1
OSV
OSV
added 2023/12/15 11:15 a.m.3 views

CVE-2023-48621

Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

5.4CVSS5.7AI score
Exploits0References1
OSV
OSV
added 2023/12/15 11:15 a.m.6 views

CVE-2023-48599

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

5.4CVSS5.7AI score0.00597EPSS
Exploits0References1
OSV
OSV
added 2023/12/15 11:15 a.m.5 views

CVE-2023-48502

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

5.4CVSS5.7AI score0.00597EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/12/12 12:0 a.m.8 views

PT-2023-7861 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.18 and earlier Description: The issue is related to a reflected Cross-Site Scripting XSS vulnerability. It can be exploited if a low-privileged attacker convinces a victim to visit a URL referencing a...

5.5CVSS4.7AI score0.00562EPSS
Exploits0References5
Rows per page
Query Builder