Exploit for CVE-2026-5465

CVE-2026-5465: Privilege Escalation en Plugin Amelia WordPress...

CVE-2026-5465

creationtimestamp| type| source ---|---|--- 2026-04-07 08:01:05+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mivcqtypg327 2026-04-07 09:15:25+00:00| seen| Telegram/UjrnvOa2JLE3qzXsFYe7vk49vQcInvR-SenKatBboIQ7n94 2026-04-07 09:37:20+00:00| seen|...

CVE-2026-5465 Amelia <= 2.1.3 - Insecure Direct Object Reference to Authenticated (Employee+) Privilege Escalation via 'externalId' Parameter

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.1.3. This is due to the UpdateProviderCommandHandler failing to validate changes to the externalId field when a Provider Employe...

CVE-2019-5465

An information disclosure issue was discovered in GitLab CE/EE 8.14 and later, by using the move issue feature which could result in disclosure of the newly created issue ID...

Linux Distros Unpatched Vulnerability : CVE-2017-5465

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read while processing SVG content in ConvolvePixel. This results in a crash and also allows for otherwise inaccessible memory being copied into...

CVE-2023-5465

CVE-2023-5465 affects the WordPress Popup with fancybox plugin. Vulnerable through version 3.5 due to insufficient escaping of user input and a lack of proper SQL query preparation. This enables authenticated attackers with subscriber-level permissions to append additional SQL, potentially exposi...

WordPress Popup with fancybox Plugin <= 3.5 is vulnerable to SQL Injection

Software Popup with fancybox Type Plugin Vulnerable versions = 3.5 Fixed in 3.6 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-5465 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 12bd56b92eb5 Credits István Márton Required privilege Contributor...

RHEL 8 : frr (RHSA-2023:5465)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5465 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and...

Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-5465-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5465-1 advisory. It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged...

Mageia: Security Advisory (MGASA-2018-0018)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2017-0118)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox Security Advisory (MFSA2017-10) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

SUSE: Security Advisory (SUSE-SU-2017:1175-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1248-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-5465

...

CVE-2020-5465

CVE-2020-5465 is a rejected CVE entry and not used.

CVE-2019-5465

An information disclosure issue was discovered in GitLab CE/EE 8.14 and later, by using the move issue feature which could result in disclosure of the newly created issue ID...

CVE-2019-5465

CVE-2019-5465 affects GitLab CE/EE 8.14 and later. The issue is an information disclosure in the move issue feature that could disclose the newly created issue ID. The Connected documents confirm the vulnerability description across multiple sources, but do not provide concrete remediation detail...

Huawei EulerOS: Security Advisory for firefox (EulerOS-SA-2017-1092)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-5465

An out-of-bounds read while processing SVG content in "ConvolvePixel". This results in a crash and also allows for otherwise inaccessible memory being copied into SVG graphic content, which could then displayed. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and...