Lucene search
K

14 matches found

CVE
CVE
added 2026/01/05 2:2 a.m.11 views

CVE-2025-15452

CVE-2025-15452 affects xnx3 wangmarket up to version 4.9, targeting the Backend Variable Search component: the function variableList.do’s Description parameter can be manipulated to trigger Cross-Site Scripting (XSS). The issue is exploitable remotely, with public PoCs available. Multiple sources...

4.8CVSS3.1AI score0.00235EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/01/01 11:15 p.m.4 views

CVE-2025-15416

A vulnerability was found in xnx3 wangmarket up to 6.4. This affects an unknown function of the file /siteVar/save.do of the component Add Global Variable Handler. The manipulation of the argument Remark/Variable Value results in cross site scripting. The attack can be executed remotely. The...

5.4CVSS5.6AI score
Exploits0References4
NVD
NVD
added 2026/01/01 10:15 p.m.17 views

CVE-2025-15415

A vulnerability has been found in xnx3 wangmarket up to 6.4. The impacted element is the function uploadImage of the file /sits/uploadImage.do of the component XML File Handler. The manipulation of the argument image leads to unrestricted upload. Remote exploitation of the attack is possible. The...

5.8CVSS0.00206EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.4 views

PT-2026-1031

Name of the Vulnerable Software and Affected Versions xnx3 wangmarket versions up to 6.4 Description A flaw exists in the XML File Handler component of xnx3 wangmarket. Specifically, the uploadImage function within the /sits/uploadImage.do file allows for unrestricted file uploads through...

5.8CVSS6.4AI score0.00206EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-4296

Malicious code in bioql PyPI...

8CVSS6.6AI score0.00177EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/23 12:21 a.m.15 views

CVE-2025-25769

Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /controller/UserController.java...

8CVSS7.5AI score0.00177EPSS
Exploits0References1
NVD
NVD
added 2025/02/21 7:15 p.m.11 views

CVE-2025-25770

Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /agency/AgencyUserController.java...

6.8CVSS0.00214EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/02/21 12:0 a.m.9 views

CVE-2025-25770

Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /agency/AgencyUserController.java...

7.7AI score0.00214EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/02/21 12:0 a.m.16 views

CVE-2025-25770

Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /agency/AgencyUserController.java...

0.00214EPSS
Exploits1References1
CVE
CVE
added 2025/02/21 12:0 a.m.104 views

CVE-2025-25770

CVE-2025-25770 affects Wangmarket versions v4.10–v5.0 and is described as a Cross-Site Request Forgery (CSRF) vulnerability exposed via the component /agency/AgencyUserController.java. The CVSS v3.1 vector is CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H with a base score of 6.8 (Medium). Impact i...

6.8CVSS7.2AI score0.00214EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/21 12:0 a.m.8 views

CVE-2025-25769

Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /controller/UserController.java...

7.7AI score0.00177EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/21 12:0 a.m.24 views

CVE-2025-25769

Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /controller/UserController.java...

0.00177EPSS
Exploits0References1
CVE
CVE
added 2025/02/21 12:0 a.m.77 views

CVE-2025-25769

CVE-2025-25769 affects Wangmarket versions v4.10 to v5.0, with a Cross-Site Request Forgery (CSRF) vulnerability in the component /controller/UserController.java. The issue is described in multiple sources in the connected documents as CSRF affecting the specified versions. The CVSS metrics in th...

8CVSS7.2AI score0.00177EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/12/17 1:15 a.m.6 views

CVE-2023-6886

A vulnerability was found in xnx3 wangmarket 6.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Role Management Page. The manipulation leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public...

9.8CVSS5.5AI score0.00851EPSS
Exploits0References3
Rows per page
Query Builder