12 matches found
CVE-2024-37430
| creationtimestamp | type | source |
|---|---|---|
| 2024-07-09 13:56:00+00:00 | seen | https://t.me/cvedetector/316... |
CVE-2024-37430 WordPress Patreon WordPress plugin <= 1.9.0 - Image Protection Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in patreon Patreon WordPress patreon-connect. This issue affects Patreon WordPress: from n/a through <= 1.9.0...
WordPress Patreon WordPress Plugin <= 1.9.0 is vulnerable to Bypass Vulnerability
| Field | Value |
|---|---|
| Software | Patreon WordPress |
| Type | Plugin |
| Vulnerable versions | <= 1.9.0 |
| Fixed in | 1.9.1 |
| OWASP Top 10 | A4: Insecure Design |
| Classification | Bypass Vulnerability |
| CVE | CVE-2024-37430 |
| Patch priority | Low |
| CVSS severity | Low 5.3 |
| Developer | Patreon |
| PSID | 5d86fa6898c3 |
| Credits | MCboyIR |
| Required privilege | Unauthenticated... |
CVE-2023-37430
| creationtimestamp | type | source |
|---|---|---|
| 2023-08-22 22:22:06+00:00 | seen | https://t.me/cibsecurity/68985... |
CVE-2023-37430
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and...
CVE-2023-37430
CVE-2023-37430 concerns multiple SQL injection vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator. The flaws allow an authenticated remote attacker to exfiltrate or modify data in the underlying database, potentially leading to exposure and corruption of sens...
CVE-2023-37430 Authenticated SQL Injection Vulnerabilities in EdgeConnect SD-WAN Orchestrator Web-based Management Interface
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and...
CVE-2022-37430
| creationtimestamp | type | source |
|---|---|---|
| 2022-11-23 07:13:46+00:00 | seen | Telegram/wRrhLrF0lHqd66ANcc9rWaTK6ueoyamGXiarkK3mvnv5Nw... |
CVE-2022-37430
Silverstripe silverstripe/framework through 4.11 allows XSS vulnerability via href attribute of a link issue 2 of 2...
CVE-2022-37430
CVE-2022-37430 affects SilverStripe framework up to version 4.11. The issue is an XSS in the HTMLEditor sanitiser, where uppercase attributes in the href attribute of links can be exploited to inject JavaScript. Root cause is related to how the href attribute is handled in sanitisation (uppercase...
CVE-2022-37430 - Stored XSS using uppercase characters in HTMLEditor
More info at https://www.silverstripe.org/download/security-releases/cve-2022-37430...