CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE-2025-49036 is a Local File Inclusion vulnerability in WordPress Premium Addons for KingComposer (versions up to 1.1.1). The issue arises from improper control of filename handling for include/require statements in PHP, enabling an attacker to potentially include local files. No exploit vector...

8.1CVSS5.9AI score0.00146EPSS

Exploits0References1

Citrix•added 2025/06/04 12:0 a.m.•9 views

Newly published App-V applications are not visible to end users

After most recent upgrade of Web Studio users are not able to see newly published App-V packages/applications. This issue affects only newly published App-V applications...

7AI score

Exploits0

RedhatCVE•added 2025/05/22 9:49 a.m.•4 views

CVE-2011-4052

Stack-based buffer overflow in CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 allows remote attackers to execute arbitrary code via a crafted 0x15 aka Remove File operation for a file with a long name...

9.3CVSS8.4AI score0.05403EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:48 a.m.•6 views

CVE-2011-4051

CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control...

10CVSS7.8AI score0.7309EPSS

Exploits4References1

RedhatCVE•added 2025/05/22 8:18 a.m.•3 views

CVE-2019-14427

XSS exists in WEB STUDIO Ultimate Loan Manager 2.0 by adding a branch under the Branches button that sets the notes parameter with crafted JavaScript code...

6.1CVSS5.9AI score0.00211EPSS

Exploits5References1

RedhatCVE•added 2025/05/22 12:29 a.m.•6 views

CVE-2011-1900

Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 6.1 and 7.x before 7.0+Patch 1 allows remote attackers to execute arbitrary code via an invalid request...

10CVSS8AI score0.49258EPSS

Exploits2References1

Citrix•added 2025/04/14 12:0 a.m.•8 views

CVAD- 2308- Delete VM operation is showing access denied in the Web studio and same works in studio.

After the upgrade of the site from 2305 to 2308, the delegated users get a permissioned denied message when trying to delete a VM. Other operation from the web studio works fine. Same delete operation works fine in the desktop studio, but it shows access denied in the web studio. Under the CDF...

6.9AI score

Exploits0

Citrix•added 2024/03/14 12:0 a.m.•4 views

PowerShell logging feature is available in Web Studio

This article describes the new feature "PowerShell logging" in Citrix DaaS Web Studio...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by