CVE-2026-33570 Subnet Solutions PowerSYSTEM Center Incorrect Authorization

PowerSYSTEM Center REST API endpoint for devices allows a low privilege authenticated user to access information normally limited by operational permissions...

CVE-2026-33570

creationtimestamp| type| source ---|---|--- 2026-05-12 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-132-02...

CVE-2023-33570

Bagisto v1.5.1 is vulnerable to Server-Side Template Injection SSTI...

CVE-2021-33570

Postbird 0.8.4 allows stored XSS via the onerror attribute of an IMG element in any PostgreSQL database table. This can result in reading local files via vectors involving XMLHttpRequest and open of a file:/// URL, or discovering PostgreSQL passwords via vectors involving Window.localStorage and...

CVE-2024-33570

creationtimestamp| type| source ---|---|--- 2025-02-20 23:26:57+00:00| seen| Telegram/G0QaDym-Bij5In6PfDCB8c5858EC1sXKsd0AJvX8QxB-qy...

CVE-2024-33570

CVE-2024-33570: Metform Elementor Contact Form Builder for WordPress (versions ≤ 3.8.3) has a Missing Authorization/Broken Access Control vulnerability. The issue enables unauthorized access due to missing authorization checks. Reported as affecting Metform Elementor Contact Form Builder; remedia...

CVE-2024-33570 WordPress MetForm plugin <= 3.8.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Roxnor Metform metform.This issue affects Metform: from n/a through = 3.8.3...

CVE-2023-33570

creationtimestamp| type| source ---|---|--- 2023-06-29 00:13:13+00:00| seen| https://t.me/cibsecurity/65680...

CVE-2023-33570

Bagisto v1.5.1 is vulnerable to Server-Side Template Injection SSTI...

CVE-2023-33570

Bagisto v1.5.1 is vulnerable to Server-Side Template Injection SSTI...

CVE-2023-33570

Bagisto v1.5.1 is vulnerable to Server-Side Template Injection SSTI...

CVE-2023-33570

Bagisto v1.5.1 is vulnerable to Server-Side Template Injection (SSTI). Affected software: Bagisto 1.5.1; vulnerability type SSTI in template rendering. Underlying impact is described as HIGH for confidentiality, integrity, and availability; network attack vector with low privileges required and n...

CVE-2021-33570

creationtimestamp| type| source ---|---|--- 2021-05-28 01:19:23+00:00| seen| https://t.me/pwnwikizhchannel/515...

Postbird 0.8.4 - Javascript Injection Exploit

Exploit Title: Postbird 0.8.4 - Javascript Injection Exploit Author: Debshubra Chakraborty Vendor Homepage: https://github.com/paxa/postbird Software Link: https://www.electronjs.org/apps/postbird Version: 0.8.4 Tested on: Linux CVE : CVE-2021-33570 """ XSS Payload LFI Payload PostgreSQL Password...

Postbird 0.8.4 Cross Site Scripting / Local File Inclusion

Exploit Title: Postbird 0.8.4 - Javascript Injection Date: 26 May 2021 Exploit Author: Debshubra Chakraborty Vendor Homepage: https://github.com/paxa/postbird Software Link: https://www.electronjs.org/apps/postbird Version: 0.8.4 Tested on: Linux CVE : CVE-2021-33570 """ XSS Payload LFI Payload...

Postbird 0.8.4 - Javascript Injection

Exploit Title: Postbird 0.8.4 - Javascript Injection Date: 26 May 2021 Exploit Author: Debshubra Chakraborty Vendor Homepage: https://github.com/paxa/postbird Software Link: https://www.electronjs.org/apps/postbird Version: 0.8.4 Tested on: Linux CVE : CVE-2021-33570 """ XSS Payload LFI Payload...

CVE-2021-33570

Postbird 0.8.4 is affected by a stored XSS via the IMG onerror attribute in any PostgreSQL table. The vulnerability can lead to local-file access via XMLHttpRequest and file://, and to credential exposure via window.localStorage/savedConnections. Exploitation examples and proof-of-concept payload...