Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

19 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:35 p.m.7 views

CVE-2026-32957

SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue on firmware maintenance. Arbitrary file may be uploaded on the device without authentication...

6.9CVSS7.2AI score0.00274EPSS
Exploits0References1
Circl
Circladded 2026/04/19 7:30 p.m.2 views

CVE-2026-32957

creationtimestamp| type| source ---|---|--- 2026-04-19 19:30:00+00:00| seen| https://jvn.jp/en/vu/JVNVU94271449 2026-04-21 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-10...

6.9CVSS6.5AI score0.00274EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/04/01 5:0 a.m.2 views

CVE-2025-32957

baserCMS is a website development framework. Prior to version 5.2.3, the application's restore function allows users to upload a .zip file, which is then automatically extracted. A PHP file inside the archive is included using requireonce without validating or restricting the filename. An attacke...

8.7CVSS6.3AI score0.00577EPSS
Exploits1References1
Circl
Circladded 2026/03/31 1:17 a.m.1 views

CVE-2025-32957

creationtimestamp| type| source ---|---|--- 2026-03-31 01:17:46+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3micyy2rkto2j 2026-03-31 01:21:06+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3micz5zuvuo2h 2026-03-31 03:10:50+00:00| seen|...

8.7CVSS4.8AI score0.00577EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2026/03/31 12:43 a.m.1 views

CVE-2025-32957 baserCMS: unsafe File Upload Leading to Remote Code Execution (RCE)

baserCMS is a website development framework. Prior to version 5.2.3, the application's restore function allows users to upload a .zip file, which is then automatically extracted. A PHP file inside the archive is included using requireonce without validating or restricting the filename. An attacke...

8.7CVSS6.3AI score0.00577EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/08 12:45 a.m.1 views

EUVD-2025-32957

Malicious code in redirect-1akzwg npm...

6.6AI score
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 10:20 a.m.5 views

CVE-2024-32957

Missing Authorization vulnerability in Live Composer Team Page Builder: Live Composer.This issue affects Page Builder: Live Composer: from n/a through 1.5.38...

4.7CVSS5.2AI score0.00379EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 9:19 p.m.8 views

CVE-2021-32957

A function in MDT AutoSave versions prior to v6.02.06 is used to retrieve system information for a specific process, and this information collection executes multiple commands and summarizes the information into an XML. This function and subsequent process gives full path to the executable and is...

7.5CVSS6.8AI score0.00832EPSS
Exploits0
NVD
NVDadded 2024/04/26 11:15 a.m.10 views

CVE-2024-32957

Missing Authorization vulnerability in Live Composer Team Page Builder: Live Composer.This issue affects Page Builder: Live Composer: from n/a through 1.5.38...

4.7CVSS4.8AI score0.00379EPSS
Exploits0References1
CVE
CVEadded 2024/04/26 10:58 a.m.60 views

CVE-2024-32957

CVE-2024-32957 is a Missing Authorization vulnerability in Live Composer Page Builder (Live Composer). Affected: Page Builder: Live Composer

4.7CVSS5.2AI score0.00379EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/04/26 10:58 a.m.21 views

CVE-2024-32957 WordPress Page Builder: Live Composer plugin <= 1.5.38 - Broken Access Control vulnerability

Missing Authorization vulnerability in Live Composer Team Page Builder: Live Composer.This issue affects Page Builder: Live Composer: from n/a through 1.5.38...

4.7CVSS5.1AI score0.00379EPSS
Exploits0References1
Patchstack
Patchstackadded 2024/04/23 12:0 a.m.11 views

WordPress Page Builder: Live Composer Plugin <= 1.5.38 is vulnerable to Broken Access Control

Software Page Builder: Live Composer Type Plugin Vulnerable versions = 1.5.38 Fixed in 1.5.39 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32957 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 6edbbb14734c Credits savphill Requir...

4.7CVSS6.9AI score0.00379EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2023/11/16 8:15 p.m.7 views

CVE-2023-32957

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Dazzlersoft Team Members Showcase plugin = 1.3.4 versions...

5.9CVSS0.00386EPSS
Exploits0References1
CVE
CVEadded 2023/11/16 7:52 p.m.73 views

CVE-2023-32957

CVE-2023-32957 concerns the WordPress plugin Team Members Showcase by Dazzlersoft, affected in versions &lt;= 1.3.4. The vulnerability is an authenticated Stored Cross-Site Scripting (XSS) flaw, exploitable by an administrator or higher privileges via admin settings. Multiple sources corroborate ...

5.9CVSS5.1AI score0.00386EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2023/11/08 12:0 a.m.6 views

WordPress Team Members Showcase Plugin <= 1.3.4 is vulnerable to Cross Site Scripting (XSS)

Software Team Members Showcase Type Plugin Vulnerable versions = 1.3.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32957 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8f4be40a02eb Credits Emili Castells...

5.9CVSS5.8AI score0.00386EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2022/04/01 11:15 p.m.10 views

CVE-2021-32957

A function in MDT AutoSave versions prior to v6.02.06 is used to retrieve system information for a specific process, and this information collection executes multiple commands and summarizes the information into an XML. This function and subsequent process gives full path to the executable and is...

7.5CVSS0.00832EPSS
Exploits0References1
Cvelist
Cvelistadded 2022/04/01 10:17 p.m.18 views

CVE-2021-32957 MDT AutoSave Uncontrolled Search Path Element

A function in MDT AutoSave versions prior to v6.02.06 is used to retrieve system information for a specific process, and this information collection executes multiple commands and summarizes the information into an XML. This function and subsequent process gives full path to the executable and is...

7.5CVSS7.7AI score0.00832EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2022/04/01 10:17 p.m.6 views

CVE-2021-32957 MDT AutoSave Uncontrolled Search Path Element

A function in MDT AutoSave versions prior to v6.02.06 is used to retrieve system information for a specific process, and this information collection executes multiple commands and summarizes the information into an XML. This function and subsequent process gives full path to the executable and is...

7.5CVSS6.8AI score0.00832EPSS
Exploits0References1
CVE
CVEadded 2022/04/01 10:17 p.m.98 views

CVE-2021-32957

The CVE-2021-32957 entry relates to MDT AutoSave prior to version 6.02.06, where a function used to retrieve process system information collects commands and formats results into XML and returns the full path to the executable. This creates a risk of binary hijacking (Uncontrolled Search Path Ele...

7.5CVSS7.6AI score0.00832EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder