CVE-2026-27368

Missing Authorization vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a...

CVE-2025-27368

creationtimestamp| type| source ---|---|--- 2025-11-12 19:42:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5hfv756o52x...

Security Bulletin: IBM OpenPages Vulnerable to Information Disclosure (CVE-2025-27368)

Summary Application API vulnerability that exposes metadata for configurable fields due to insufficient access control checks in IBM OpenPages has been addressed. Vulnerability Details CVEID:CVE-2025-27368 DESCRIPTION: IBM OpenPages is vulnerable to information disclosure of sensitive information...

CVE-2022-27368

Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component danceLists.phpzhuan...

CVE-2024-27368

creationtimestamp| type| source ---|---|--- 2024-09-09 23:10:41+00:00| seen| https://t.me/cvedetector/5136...

CVE-2023-27368

NETGEAR RAX30 soapserverd Stack-based Buffer Overflow Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific...

CVE-2023-27368

NETGEAR RAX30 soap_serverd is affected by a stack-based buffer overflow that allows authentication bypass. The flaw occurs when soap_serverd parses SOAP headers, failing to validate the length of user-supplied data copied into a fixed-length stack buffer, enabling network-adjacent attackers to by...

CVE-2023-27368

creationtimestamp| type| source ---|---|--- 2023-05-12 13:07:04+00:00| seen| https://t.me/truesecator/4373 2023-05-13 19:50:38+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/8288...

CVE-2022-27368

The CVE-2022-27368 entry applies to Cscms Music Portal System v4.2 and describes a SQL injection vulnerability in the dance_Lists.php_zhuan component. The available connected records consistently identify the affected product and vulnerable function but do not provide exploit details, affected ve...

CVE-2022-27368

Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component danceLists.phpzhuan...

CVE-2021-27368

creationtimestamp| type| source ---|---|--- 2021-02-22 18:33:36+00:00| seen| https://t.me/cibsecurity/23935...

CVE-2021-27368

Monica 2.19.1 is affected by a stored XSS on the Contacts page via the First Name field. The issue is documented across multiple sources (CNVD, NVD, Red Hat, OSV, CNVD mirrors) as a stored XSS vulnerability in the Contact page. The available documents do not provide concrete remediation steps or ...

CVE-2020-27368

creationtimestamp| type| source ---|---|--- 2021-01-14 18:49:48+00:00| seen| https://t.me/cibsecurity/22167...

CVE-2020-27368

CVE-2020-27368 affects TOTOLINK A702R router firmware (V1.0.0-B20161227.1023). The issue is Directory Indexing in the Login Portal, enabling access to /icons/ via a GET parameter. Root cause as described: improper directory exposure through the login portal. Impact per CVE entry is partial confid...