63 matches found
CVE-2026-6009
creationtimestamp| type| source
---|---|---
2026-05-19 20:14:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mma7dep22x2r...
CVE-2026-6009
Java Deserialisation Vulnerability in Jaspersoft Reports Library leads to Remote Code Execution (RCE), potentially allowing code execution on the affected system...
CVE-2026-6009 Jaspersoft Library Deserialisation Vulnerability
Java Deserialisation Vulnerability in Jaspersoft Reports Library leads to Remote Code Execution (RCE), potentially allowing code execution on the affected system...
CVE-2013-6009
CRLF injection vulnerability in Open-Xchange AppSuite before 7.2.2, when using AJP in certain conditions, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the ajax/defer servlet...
CVE-2025-6009
A vulnerability was found in kiCode111 like-girl 5.2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ipAddPost.php. The manipulation of the argument bz/ipdz leads to sql injection. The attack may be launched remotely. The exploit has been...
CVE-2025-6009
creationtimestamp| type| source
---|---|---
2025-06-12 03:34:09+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18144
2025-06-12 05:48:56+00:00| published-proof-of-concept| Telegram/1Aa4wx5C77-QnNp1HoIjIHD7JstDp4QgHQR99I-iOvE2Mo
2025-06-12 06:22:25+00:00| seen| ...
CVE-2025-6009
CVE-2025-6009 concerns kiCode111 like-girl 5.2.0. The vulnerability is in the file /admin/ipAddPost.php, where the argument bz/ipdz can be manipulated to cause an SQL injection. Impact is described as remote exploitation with public disclosure of the exploit. Multiple sources confirm the issue an...
CVE-2025-6009 kiCode111 like-girl ipAddPost.php sql injection
A vulnerability was found in kiCode111 like-girl 5.2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ipAddPost.php. The manipulation of the argument bz/ipdz leads to sql injection. The attack may be launched remotely. The exploit has been...
CVE-2024-6009 itsourcecode Event Calendar process.php regDelete sql injection
A vulnerability has been found in itsourcecode Event Calendar 1.0 and classified as critical. Affected by this vulnerability is the function regConfirm/regDelete of the file process.php. The manipulation of the argument userId leads to sql injection. The attack can be launched remotely. The explo...
CVE-2023-6009
creationtimestamp| type| source
---|---|---
2023-11-23 10:58:01+00:00| seen| https://t.me/CyberSecurityTechnologies/9447
2024-08-16 08:51:05+00:00| seen| https://t.me/Rootsec2/1998
2024-08-16 08:51:14+00:00| seen| https://t.me/Rootsec2/2051...
CVE-2023-6009
CVE-2023-6009: The WordPress UserPro plugin (versions up to 5.1.4) is vulnerable to privilege escalation due to insufficient restriction of the function userpro_update_user_profile. An authenticated user with minimal permissions (e.g., a subscriber) can modify their own role by supplying the wp_...
CVE-2023-6009 UserPro <= 5.1.4 - Authenticated (Subscriber+) Privilege Escalation
The UserPro plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.4 due to insufficient restriction on the 'userpro_update_user_profile' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify...
WordPress Userpro Plugin <= 5.1.4 is vulnerable to Privilege Escalation
Field| Value
---|---
Software| Userpro
Type| Plugin
Vulnerable versions| <= 5.1.4
Fixed in| 5.1.5
OWASP Top 10| A1: Broken Access Control
Classification| Privilege Escalation
CVE| CVE-2023-6009
Patch priority| High
CVSS severity| High (8.8)
PSID| 7046ef9feaa8
Credits| István Márton
Required privilege| ...
Ubuntu: Security Advisory (USN-6009-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Ubuntu 16.04 ESM : Linux kernel (GCP) vulnerabilities (USN-6009-1)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6009-1 advisory. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use...
CVE-2023-28328
A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of...
CVE-2023-0266
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a privilege escalation to gain ring0 access from the system user. We recommend upgrading past...
CVE-2022-41218
In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release...