Lucene search
K

318 matches found

vulnersosv
vulnersosv
added 2025/03/27 6:31 p.m.7 views

@capriza/far (>=0.1.2 <=2.4.2), @cobalt-engine/cobower (=2.0.0) +388 more potentially affected by CVE-2024-12905 via tar-fs (>=0.1.8 <=1.16.3)

tar-fs NPM version =0.1.8, =0.1.2, =6.0.3, =6.0.3, =6.0.3, =2.1.1, =0.10.2, =0.0.0-beta.1, =0.0.0-beta.1, =0.0.0-beta.1, =0.1.0, =0.1.0, =1.0.5, =1.1.2 - @elm-node/npm-scripts =1.0.0 - @hlsrules-test/fc-libreoffice =1.0.0 and more Source cves: CVE-2024-12905 Source advisory: OSV:GHSA-PQ67-2WWV-3X...

7.5CVSS6.6AI score0.02186EPSS
Exploits2
nvd
nvd
added 2025/01/21 6:15 p.m.11 views

CVE-2025-22267

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpweaver Weaver Themes Shortcode Compatibility weaver-themes-shortcode-compatibility allows Stored XSS.This issue affects Weaver Themes Shortcode Compatibility: from n/a through = 1.0.4...

6.5CVSS0.00206EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/01/21 5:21 p.m.9 views

CVE-2025-22267 WordPress Weaver Themes Shortcode Compatibility Plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bruce Wampler Weaver Themes Shortcode Compatibility allows Stored XSS. This issue affects Weaver Themes Shortcode Compatibility: from n/a through 1.0.4...

6.5CVSS6.4AI score0.00206EPSS
Exploits0References1
cvelist
cvelist
added 2025/01/21 5:21 p.m.22 views

CVE-2025-22267 WordPress Weaver Themes Shortcode Compatibility Plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpweaver Weaver Themes Shortcode Compatibility weaver-themes-shortcode-compatibility allows Stored XSS.This issue affects Weaver Themes Shortcode Compatibility: from n/a through = 1.0.4...

6.5CVSS0.00206EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/01/21 12:0 a.m.3 views

WordPress plugin Weaver Themes Shortcode Compatibility 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exist...

6.5CVSS7.7AI score0.00206EPSS
Exploits0References2
patchstack
patchstack
added 2025/01/18 12:0 a.m.3 views

WordPress Weaver Themes Shortcode Compatibility Plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 Patchstack Alliance in WordPress Plugin Weaver Themes Shortcode Compatibility versions = 1.0.4...

6.5CVSS6.1AI score0.00206EPSS
Exploits0Affected Software1
nvd
nvd
added 2024/11/19 6:15 p.m.9 views

CVE-2024-48070

An issue in Weaver E-cology v. attackers construct special requests to insert remote malicious code and to trigger malicious code execution, and control server privileges...

9.8CVSS0.00698EPSS
Exploits0References2
nvd
nvd
added 2024/11/19 6:15 p.m.12 views

CVE-2024-48072

Weaver Ecology v9. was discovered to contain a SQL injection vulnerability via the component...

9.8CVSS0.00434EPSS
Exploits0References2
osv
osv
added 2024/11/19 6:15 p.m.4 views

CVE-2024-48072

Weaver Ecology v9. was discovered to contain a SQL injection vulnerability via the component...

9.8CVSS5.8AI score0.00434EPSS
Exploits0References2
osv
osv
added 2024/11/19 6:15 p.m.5 views

CVE-2024-48070

An issue in Weaver E-cology v. attackers construct special requests to insert remote malicious code and to trigger malicious code execution, and control server privileges...

9.8CVSS5.9AI score0.00698EPSS
Exploits0References2
osv
osv
added 2024/11/19 6:15 p.m.4 views

CVE-2024-48069

A vulnerability was found in Weaver E-cology allows attackers use race conditions to bypass security mechanisms to upload malicious files and control server privileges...

9.8CVSS5.8AI score0.00402EPSS
Exploits0References2
nvd
nvd
added 2024/11/19 6:15 p.m.13 views

CVE-2024-48069

A vulnerability was found in Weaver E-cology allows attackers use race conditions to bypass security mechanisms to upload malicious files and control server privileges...

9.8CVSS0.00402EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/11/19 12:0 a.m.3 views

Weaver e-cology 安全漏洞

Weaver e-cology is a collaborative management application platform from China's Weaver. A security vulnerability exists in Weaver e-cology v9, which is prone to SQL injection attacks...

9.8CVSS7.8AI score0.00698EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/11/19 12:0 a.m.7 views

PT-2024-32980 · Unknown · Weaver E-Cology

Name of the Vulnerable Software and Affected Versions: Weaver E-cology versions 9.x Description: The issue allows attackers to construct special requests to insert remote malicious code and trigger malicious code execution, potentially gaining control of server privileges. It is related to a SQL...

9.8CVSS8AI score0.00698EPSS
Exploits0References5
cnnvd
cnnvd
added 2024/11/19 12:0 a.m.5 views

Weaver e-cology 安全漏洞

Weaver e-cology is a collaborative management application platform from China's Weaver. A security vulnerability exists in Weaver e-cology version v9, which stems from vulnerability to remote code execution attacks, where an attacker can execute arbitrary code by injecting a carefully crafted...

9.8CVSS8.3AI score0.00402EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/11/19 12:0 a.m.10 views

CVE-2024-48072

Weaver Ecology v9. was discovered to contain a SQL injection vulnerability via the component...

8.3AI score0.00434EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/11/19 12:0 a.m.11 views

CVE-2024-48069

A vulnerability was found in Weaver E-cology allows attackers use race conditions to bypass security mechanisms to upload malicious files and control server privileges...

7.1AI score0.00402EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/11/19 12:0 a.m.4 views

Weaver e-cology 安全漏洞

Weaver e-cology is a collaborative management application platform from China's Weaver. A security vulnerability exists in Weaver e-cology v9, which is prone to SQL injection attacks...

9.8CVSS7.8AI score0.00434EPSS
Exploits0References2
cvelist
cvelist
added 2024/11/19 12:0 a.m.22 views

CVE-2024-48072

Weaver Ecology v9. was discovered to contain a SQL injection vulnerability via the component...

0.00434EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/11/19 12:0 a.m.9 views

CVE-2024-48070

An issue in Weaver E-cology v. attackers construct special requests to insert remote malicious code and to trigger malicious code execution, and control server privileges...

7.2AI score0.00698EPSS
Exploits0References2
Rows per page
Query Builder