24 matches found
CVE-2026-3324
Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration...
EUVD-2026-23247
Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration...
CVE-2026-3324 Authentication Bypass
Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration...
CVE-2026-3324
The CVE-2026-3324 issue affects Zohocorp ManageEngine Log360 versions 13000–13013, where authentication bypass can occur on certain actions due to improper filter configuration. The root cause is misconfigured access filters, enabling unauthorized access without credentials. The CVSSv3.1 base met...
CVE-2025-13000
The db-access WordPress plugin through 0.8.7 does not have authorization in an AJAX action, allowing any authenticated user, such as a subscriber, to perform SQLI attacks...
CVE-2025-13000 DB Access <= 0.8.7 - Subscriber+ SQLi
The db-access WordPress plugin through 0.8.7 does not have authorization in an AJAX action, allowing any authenticated user, such as a subscriber, to perform SQLI attacks...
CVE-2025-13000
CVE-2025-13000 concerns the WordPress plugin “db-access” up to version 0.8.7, where an insufficient authorization check in an AJAX action permits any authenticated user (including subscribers) to perform SQL injection. Supported details from connected sources confirm the root cause as missing aut...
CVE-2024-13000
A vulnerability was found in PHPGurukul Small CRM 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/quote-details.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to th...
Linux Distros Unpatched Vulnerability : CVE-2017-13000
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802154.c:ieee802154_if_print(). (CVE-2017-13000) Note that Nessus relies on the...
CVE-2024-13000 PHPGurukul Small CRM quote-details.php sql injection
A vulnerability was found in PHPGurukul Small CRM 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/quote-details.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to th...
CVE-2024-13000
The CVE-2024-13000 entry describes a SQL injection in PHPGurukul Small CRM 1.0, caused by manipulation of the id parameter in /admin/quote-details.php. The vulnerability is network-exploitable with remote initiation, and exploits have been disclosed publicly. Affected component: the /admin/quote-...
CVE-2020-13000
CVE-2020-13000 entry is rejected/not used and does not represent an active vulnerability entry.
CVE-2019-13000
CVE-2019-13000 concerns Eclair (up to v0.3). The description states that an Incorrect Access Control can allow an attacker to trigger a loss of funds. Multiple connected records corroborate this core issue. The material does not provide exploitation vectors, affected editions beyond “0.3,” or exp...
CVE-2018-13000
AEF (Advanced Electron Forum) v1.0.9 contains a persistent Cross‑Site Scripting (XSS) vulnerability in the Private Message module, originating from unsanitized content in the FTP Link editor. A remote attacker with restricted privileges can inject a script payload via the editor’s FTP Link elemen...
AEF CMS v1.0.9 - (PM) Persistent Cross Site Vulnerability
Document Title: AEF CMS v1.0.9 - PM Persistent Cross Site Vulnerability. References (Source): https://www.vulnerability-lab.com/getcontent.php?id=2123, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-13000. CVE-ID: CVE-2018-13000. Release Date:...
openSUSE Security Update : tcpdump (openSUSE-2017-1205)
This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed : - CVE-2017-11108: Prevent remote attackers to cause DoS heap-based buffer over-read and application crash via crafted packet data. The crash occurred in the EXTRACT16BITS function, called from the...