Vulnerabilidades em givanz
39 resultadosCVE-2025-8521MEDIUMgivanz Vvveb Add Type post-types cross site scriptingEPSS 0.3%CVE-2026-41936HIGHVvveb < 1.0.8.2 XML External Entity Injection via ImportEPSS 0.3%CVE-2026-41935HIGHVvveb < 1.0.8.3 Uncontrolled Recursion Denial of ServiceEPSS 0.3%CVE-2026-45800HIGHVvveb: Authenticated SQL injection in /user/orders via order_by and directionEPSS 0.3%CVE-2025-8975MEDIUMgivanz Vvveb edit.tpl cross site scriptingEPSS 0.3%CVE-2025-11029MEDIUMgivanz Vvveb cross-site request forgeryEPSS 0.3%CVE-2025-11027MEDIUMgivanz Vvveb SVG File cross site scriptingEPSS 0.3%CVE-2026-45622MEDIUMVvveb: Unauthenticated reflected XSS in public product return form via customer_order_idEPSS 0.3%CVE-2025-8976MEDIUMgivanz Vvveb Endpoint post cross site scriptingEPSS 0.3%CVE-2026-34428HIGHVvveb < 1.0.8.1 SSRF via oEmbedProxyEPSS 0.3%CVE-2026-44366MEDIUMVvveb: Stored XSS via Comment Author FieldEPSS 0.3%CVE-2026-41933MEDIUMVvveb < 1.0.8.3 Directory Listing Information DisclosureEPSS 0.2%CVE-2026-41931MEDIUMVvveb < 1.0.8.2 Information Disclosure via Debug Exception HandlerEPSS 0.2%CVE-2026-45616MEDIUMVvveb: Stored XSS in Posts allows privilege escalation via post editorEPSS 0.2%CVE-2026-41932MEDIUMVvveb < 1.0.8.3 Stored XSS via Signup ControllerEPSS 0.2%CVE-2026-46407HIGHVvveb: admin/auth-token IDOR allows unauthorized disclosure of administrator REST API tokensEPSS 0.2%CVE-2026-44826HIGHVvveb: Vvveb CMS — Negative-quantity cart manipulation allows creation of orders with negative grand totalsEPSS 0.2%CVE-2026-46408HIGHVvveb: checkout IDOR allows unauthorized reuse of another user's cartEPSS 0.2%CVE-2026-41929MEDIUMVvveb < 1.0.8.2 Unauthenticated Reflected XSS via Visual EditorEPSS 0.2%