Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-17775

Malware in sbrugna...

9.8CVSS9.5AI score0.01343EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-19304

Malicious code in bioql PyPI...

8.1CVSS6.5AI score0.00397EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/29 12:6 p.m.5 views

CVE-2025-52809

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in John Russell National Weather Service Alerts national-weather-service-alerts allows PHP Local File Inclusion.This issue affects National Weather Service Alerts: from n/a through ...

8.1CVSS5.9AI score0.00397EPSS
Exploits0References1
NVD
NVD
added 2025/06/27 12:15 p.m.4 views

CVE-2025-52809

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in John Russell National Weather Service Alerts national-weather-service-alerts allows PHP Local File Inclusion.This issue affects National Weather Service Alerts: from n/a through ...

8.1CVSS0.00397EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/27 11:52 a.m.13 views

CVE-2025-52809 WordPress National Weather Service Alerts plugin <= 1.3.5 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in John Russell National Weather Service Alerts national-weather-service-alerts allows PHP Local File Inclusion.This issue affects National Weather Service Alerts: from n/a through ...

8.1CVSS0.00397EPSS
Exploits0References1
CVE
CVE
added 2025/06/27 11:52 a.m.14 views

CVE-2025-52809

CVE-2025-52809 describes an unauthenticated Local File Inclusion in the WordPress plugin National Weather Service Alerts (versions ≤ 1.3.5). The vulnerability arises from Improper Control of Filename for Include/Require in a PHP program, enabling local file inclusion via user-controlled input. Pu...

8.1CVSS5.9AI score0.00397EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.2 views

PT-2025-27128 · Unknown · John Russell National Weather Service Alerts

Name of the Vulnerable Software and Affected Versions: John Russell National Weather Service Alerts versions 1.3.5 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows...

8.1CVSS7.8AI score0.00397EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/06/27 12:0 a.m.3 views

WordPress plugin National Weather Service Alerts 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.1CVSS6.4AI score0.00397EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/06 12:0 a.m.3 views

Unspecified Vulnerability in Green Electronics RainMachine Mini-8 (CNVD-2019-28250)

The Green Electronics RainMachine Mini-8 is a smart irrigation sprinkler from Green Electronics USA. A security vulnerability exists in the 'Weather Service' feature in the Green Electronics RainMachine Mini-8 2nd generation. The vulnerability can be exploited to inject arbitrary Python code via...

9.8CVSS7.4AI score0.01343EPSS
Exploits1References1
Prion
Prion
added 2018/11/01 5:29 p.m.17 views

Code injection

The 'Weather Service' feature of the Green Electronics RainMachine Mini-8 2nd generation allows an attacker to inject arbitrary Python code via the 'Add new weather data source' upload function...

7.5CVSS9.4AI score0.01343EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/11/01 5:29 p.m.25 views

CVE-2018-6012

The 'Weather Service' feature of the Green Electronics RainMachine Mini-8 2nd generation allows an attacker to inject arbitrary Python code via the 'Add new weather data source' upload function...

9.8CVSS9.5AI score0.01343EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/11/01 5:0 p.m.21 views

CVE-2018-6012

The 'Weather Service' feature of the Green Electronics RainMachine Mini-8 2nd generation allows an attacker to inject arbitrary Python code via the 'Add new weather data source' upload function...

9.6AI score0.01343EPSS
Exploits1References1
CVE
CVE
added 2018/11/01 5:0 p.m.63 views

CVE-2018-6012

CVE-2018-6012 affects the Green Electronics RainMachine Mini-8 (2nd generation). The vulnerability lies in the Weather Service feature: an attacker can inject arbitrary Python code through the 'Add new weather data source' upload function. This implies potential remote code execution with network...

9.8CVSS9.4AI score0.01343EPSS
Exploits1References1Affected Software1
Fedora
Fedora
added 2015/12/31 1:53 a.m.17 views

[SECURITY] Fedora 22 Update: php-horde-Horde-Service-Weather-2.3.1-1.fc22

Set of classes that provide an abstraction to various online weather service providers. Includes drivers for WeatherUnderground, WorldWeatherOnline, and Google Weather...

3.5AI score
Exploits0
Fedora
Fedora
added 2015/12/28 11:8 p.m.9 views

[SECURITY] Fedora 23 Update: php-horde-Horde-Service-Weather-2.3.1-1.fc23

Set of classes that provide an abstraction to various online weather service providers. Includes drivers for WeatherUnderground, WorldWeatherOnline, and Google Weather...

3.5AI score
Exploits0
Packet Storm
Packet Storm
added 2012/12/17 12:0 a.m.21 views

National Weather Service Cross Site Scripting

Exploit Title: National Weather Service Internet Weather Source alert"XSS" +---------------------------------------------------+ Greetz to : ./CyberSEC...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2012/10/16 8:6 p.m.9 views

Sensitive server info leaked from weather.gov Vulnerability

Kosova Hacker's Security group today release very sensitive server info of "The National Weather Service", which was gathered due to a "Local file inclusion" Vulnerability in weather.gov . By definition, Local File Inclusion also known as LFI is the process of including files on a server through...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2012/10/07 7:46 p.m.7 views

Hackers deface Philippines Department of Environment website

Hackers incensed by the Philippines' controversial cybercrime law have attacked government sites that deliver emergency information during natural disasters. The website of the Department of Environment and Natural Resources DENR was hacked on Saturday, despite calls from Malacañang for a...

6.7AI score
Exploits0
Rows per page
Query Builder