CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

ATTACKERKB•added 2026/04/02 2:45 p.m.•1 views

CVE-2026-34799

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/dnsmasq/hosts/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00034EPSS

Exploits0References3Affected Software1

OSV•added 2025/08/14 6:52 p.m.•1 views

MAL-2025-34799 Malicious code in test-mlw1-ngwee-greys (npm)

The package test-mlw1-ngwee-greys was found to contain malicious code...

7.2AI score

Exploits0

CVE•added 2024/06/11 4:35 p.m.•50 views

CVE-2024-34799

CVE-2024-34799 is a Missing Authorization vulnerability in the BookingPress WordPress plugin, affecting BookingPress versions n/a–1.0.82. The issue allows an attacker to alter appointment times without authorization. Wordfence details indicate the vulnerability exists in BookingPress and has a pa...

6.5CVSS6.8AI score0.00146EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/06/11 4:35 p.m.•23 views

CVE-2024-34799 WordPress BookingPress plugin <= 1.0.82 - Appointment Duration Manipulation vulnerability

Missing Authorization vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.82...

6.5CVSS0.00146EPSS

Exploits0References1

Vulnrichment•added 2024/06/11 4:35 p.m.•24 views

CVE-2024-34799 WordPress BookingPress plugin <= 1.0.82 - Appointment Duration Manipulation vulnerability

Missing Authorization vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.82...

6.5CVSS6.9AI score0.00146EPSS

Exploits0References1

Patchstack•added 2024/05/20 12:0 a.m.•12 views

WordPress BookingPress Plugin <= 1.0.82 is vulnerable to Broken Access Control

Software BookingPress Type Plugin Vulnerable versions = 1.0.82 Fixed in 1.0.83 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-34799 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3083b71a4e1a Credits Mochamad Sofyan Required...

6.5CVSS6.6AI score0.00146EPSS

Exploits0References2Affected Software1

Circl•added 2022/06/30 10:38 p.m.•1 views

CVE-2022-34799

creationtimestamp| type| source ---|---|--- 2022-06-30 22:38:55+00:00| seen| https://t.me/cibsecurity/45438...

4.3CVSS4.6AI score0.00335EPSS

Exploits0References1

Cvelist•added 2022/06/30 5:47 p.m.•14 views

CVE-2022-34799

Jenkins Deployment Dashboard Plugin 1.0.10 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system...

5.3AI score0.00335EPSS

Exploits0References1

CVE•added 2022/06/30 5:47 p.m.•272 views

CVE-2022-34799

CVE-2022-34799 affects Jenkins Deployment Dashboard Plugin versions 1.0.10 and earlier. The vulnerability arises from storing a password unencrypted in the plugin’s global configuration file on the Jenkins controller (specifically de.codecentric.jenkins.dashboard.DashboardView.xml), which can be ...

4.3CVSS4.9AI score0.00335EPSS

Exploits0References1Affected Software1

CVE•added 1976/01/01 12:0 a.m.•4 views

CVE-2025-34799

CVE-2025-34799 is rejected/not used as stated in the Initial Description.

6.6AI score

Exploits0

Cvelist•added 1976/01/01 12:0 a.m.•23 views

CVE-2025-34799

...

Exploits0

Rows per page