Lucene search
K

17 matches found

Nuclei
Nuclei
added yesterday6 views

Adobe ColdFusion - RDS Arbitrary File Write

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to arbitrary code execution in the context of the current user. The RDS FILEIO WRITE operation allows unauthenticated...

10CVSS7.5AI score0.28583EPSS
Exploits3References2
Circl
Circl
added 2026/07/01 3:37 a.m.42 views

CVE-2026-48282

creationtimestamp| type| source ---|---|--- 2026-07-01 03:37:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mpklnwud3g2a 2026-07-01 09:45:14+00:00| seen| https://www.cert.dk/news/2026-07-01/Kritiske-ColdFusion-saarbarheder-aabner-for-fuld-serverovertagelse 2026-07-01 13:00:13+00:00|...

10CVSS7.1AI score0.28583EPSS
Exploits3References120
Patchstack
Patchstack
added 2025/05/19 4:34 p.m.7 views

WordPress Majestic Support plugin <= 1.1.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by LVT-tholv2k in WordPress Plugin Majestic Support versions = 1.1.0...

5.3CVSS6.7AI score0.00224EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/05/19 3:15 p.m.13 views

CVE-2025-48282

Missing Authorization vulnerability in Majestic Support Majestic Support majestic-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Majestic Support: from n/a through = 1.1.0...

5.3CVSS0.00224EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/19 2:45 p.m.9 views

CVE-2025-48282 WordPress Majestic Support <= 1.1.0 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Majestic Support Majestic Support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Majestic Support: from n/a through 1.1.0...

5.3CVSS5.3AI score0.00224EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/19 2:45 p.m.19 views

CVE-2025-48282 WordPress Majestic Support plugin <= 1.1.0 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Majestic Support Majestic Support majestic-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Majestic Support: from n/a through = 1.1.0...

5.3CVSS0.00224EPSS
Exploits0References1
CVE
CVE
added 2025/05/19 2:45 p.m.33 views

CVE-2025-48282

CVE-2025-48282 affects WordPress plugin Majestic Support (versions up to and including 1.1.0). The flaw is a Missing Authorization vulnerability caused by incorrectly configured access control levels, enabling bypass of protections without authentication. CVSS 3.1 base score 5.3 (Network, Low att...

5.3CVSS5.9AI score0.00224EPSS
Exploits0References1
Circl
Circl
added 2024/10/15 4:6 p.m.7 views

CVE-2024-48282

creationtimestamp| type| source ---|---|--- 2024-10-15 16:06:16+00:00| seen| https://t.me/cvedetector/7919 2024-10-16 20:00:58+00:00| seen| https://t.me/arvinclub1/1153 2024-10-16 20:04:26+00:00| seen| https://t.me/ZeroEthicalCourse/1743...

7.6CVSS4.8AI score0.00411EPSS
Exploits1References3
OSV
OSV
added 2024/10/15 1:15 p.m.3 views

CVE-2024-48282

A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the femail parameter in a POST HTTP request...

7.6CVSS6.1AI score0.00411EPSS
Exploits1References1
Circl
Circl
added 2023/12/17 2:17 p.m.6 views

CVE-2023-48282

creationtimestamp| type| source ---|---|--- 2023-12-17 14:17:17+00:00| seen| https://t.me/ctinow/155607...

8.8CVSS8.6AI score0.00264EPSS
Exploits0References1
NVD
NVD
added 2023/11/30 1:15 p.m.12 views

CVE-2023-48282

Cross-Site Request Forgery CSRF vulnerability in Andrea Landonio Taxonomy filter allows Cross Site Request Forgery.This issue affects Taxonomy filter: from n/a through 2.2.9...

8.8CVSS0.00264EPSS
Exploits0References1
CVE
CVE
added 2023/11/30 1:7 p.m.69 views

CVE-2023-48282

CVE-2023-48282 affects the WordPress Taxonomy filter plugin (versions

8.8CVSS8.5AI score0.00264EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/11/23 12:0 a.m.11 views

WordPress Taxonomy filter Plugin <= 2.2.9 is vulnerable to Cross Site Request Forgery (CSRF)

Software Taxonomy filter Type Plugin Vulnerable versions = 2.2.9 Fixed in 2.2.10 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-48282 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID ad5f47ddab4a Credits Nguyen Xuan Chien...

8.8CVSS7AI score0.00264EPSS
Exploits0References2Affected Software1
Circl
Circl
added 2023/02/21 10:16 p.m.5 views

CVE-2022-48282

creationtimestamp| type| source ---|---|--- 2023-02-21 22:16:50+00:00| seen| https://t.me/cibsecurity/58637...

7.2CVSS7AI score0.01049EPSS
Exploits0References1
NVD
NVD
added 2023/02/21 7:15 p.m.47 views

CVE-2022-48282

Under very specific circumstances see Required configuration section below, a privileged user is able to cause arbitrary code to be executed which may cause further disruption to services. This is specific to applications written in C. This affects all MongoDB .NET/C Driver versions prior to and...

7.2CVSS6.7AI score0.01049EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/02/21 6:35 p.m.9 views

CVE-2022-48282 Deserializing compromised object with MongoDB .NET/C# Driver may cause remote code execution

Under very specific circumstances see Required configuration section below, a privileged user is able to cause arbitrary code to be executed which may cause further disruption to services. This is specific to applications written in C. This affects all MongoDB .NET/C Driver versions prior to and...

6.6CVSS7AI score0.01049EPSS
Exploits0References2
CVE
CVE
added 2023/02/21 6:35 p.m.382 views

CVE-2022-48282

CVE-2022-48282 affects MongoDB .NET/C# Driver up to version 2.18.0. Under very specific conditions, a privileged user can cause arbitrary code execution via deserialization, involving applications written in C# running on Windows with the full .NET Framework, taking user data, and serializing wit...

7.2CVSS6.7AI score0.01049EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder