Lucene search
+L

267 matches found

NVD
NVD
added 2025/12/16 9:16 a.m.18 views

CVE-2025-68084

Missing Authorization vulnerability in Nitesh Ultimate Auction ultimate-auction allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Auction : from n/a through = 4.3.3...

5.4CVSS0.00176EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/16 8:13 a.m.35 views

CVE-2025-68084 WordPress Ultimate Auction plugin <= 4.3.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Nitesh Ultimate Auction ultimate-auction allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Auction : from n/a through = 4.3.3...

5.4CVSS0.00176EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.9 views

WordPress plugin Ultimate Auction 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

5.3CVSS6.4AI score0.0025EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.9 views

PT-2025-51413

Name of the Vulnerable Software and Affected Versions Nitesh Ultimate Auction versions through 4.3.2 Description A flaw exists in Nitesh Ultimate Auction that allows the retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update Nitesh...

5.3CVSS6.3AI score0.0025EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.8 views

PT-2025-51463

Missing Authorization vulnerability in Nitesh Ultimate Auction ultimate-auction allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Auction : from n/a through = 4.3.2...

5.4CVSS7AI score0.00176EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/12/12 9:48 a.m.9 views

WordPress Ultimate Auction plugin <= 4.3.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by daroo in WordPress Plugin Ultimate Auction versions = 4.3.2...

5.3CVSS7AI score0.0025EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/12 9:13 a.m.7 views

WordPress Ultimate Auction plugin <= 4.3.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Ultimate Auction versions = 4.3.2...

5.4CVSS7AI score0.00176EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.5 views

WonderCMS 跨站脚本漏洞

WonderCMS is an open source PHP-based content management system CMS from WonderCMS, Inc. A cross-site scripting vulnerability exists in WonderCMS version 4.3.2, which stems from the presence of cross-site scripting in the module installation endpoints, which could lead to the injection of malicio...

8.8CVSS6.4AI score0.00372EPSS
Exploits0References4
NVD
NVD
added 2025/10/22 3:15 p.m.6 views

CVE-2025-49937

Missing Authorization vulnerability in Syed Balkhi Smash Balloon Social Post Feed custom-facebook-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smash Balloon Social Post Feed: from n/a through = 4.3.2...

4.3CVSS0.00215EPSS
Exploits0References1
CVE
CVE
added 2025/10/22 2:32 p.m.8 views

CVE-2025-49937

CVE-2025-49937 concerns a Missing Authorization issue (Broken Access Control) in the WordPress plugin Smash Balloon Social Post Feed (custom-facebook-feed). Affected versions are up to and including 4.3.2. The vulnerability arises from incorrectly configured access control security levels, enabli...

4.3CVSS6.6AI score0.00215EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/22 12:0 a.m.6 views

PT-2025-43201

Name of the Vulnerable Software and Affected Versions Smash Balloon Social Post Feed versions through 4.3.2 Description An authorization issue exists in Syed Balkhi Smash Balloon Social Post Feed custom-facebook-feed. This allows exploitation of incorrectly configured access control security...

4.3CVSS6.6AI score0.00215EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/10/09 9:41 a.m.9 views

WordPress Smash Balloon Social Post Feed plugin <= 4.3.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Smash Balloon Social Post Feed versions = 4.3.2...

4.3CVSS7AI score0.00215EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-15108

Malware in sbrugna...

5.5CVSS5.7AI score0.00197EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.13 views

EUVD-2014-0084

Malware in sbrugna...

5.5CVSS6.2AI score0.00951EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-45397

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.0087EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-36861

Malicious code in bioql PyPI...

7.8CVSS6.6AI score0.00191EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-1924

Malicious code in bioql PyPI...

2.9CVSS6.3AI score0.002EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-0078

Malicious code in bioql PyPI...

2.7CVSS3.7AI score0.00676EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-18976

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial of Service via the 'dochecksum' function in 'checksum.c'. It can be triggered by sending ...

5.5CVSS6.6AI score0.0066EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/28 3:51 p.m.4 views

Security Bulletin: IBM Transformation Advisor is affected by vulnerability found in Node.js (CVE-2025-7338)

Summary There is a vulnerability in Node.js used by IBM Transformation Advisor, The issues have been addressed in an update. Vulnerability Details CVEID:CVE-2025-7338 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability that is present starting in version...

7.5CVSS9.1AI score0.00649EPSS
Exploits0Affected Software1
Rows per page
Query Builder