CVE-2026-6446

creationtimestamp| type| source ---|---|--- 2026-05-05 17:33:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3ml4pseejey2g...

CVE-2026-6446 My Social Feeds <= 1.0.4 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'ttp_get_accounts' AJAX Action

The My Social Feeds – Social Feeds Embedder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to and including 1.0.4 via the 'ttpgetaccounts' AJAX action. This is due to the complete absence of authorization checks no capability verification and nonce...

Linux Distros Unpatched Vulnerability : CVE-2017-6446

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XSS was discovered in Dotclear v2.11.2, affecting admin/blogs.php and admin/users.php with the sortby and order parameters. CVE-2017-6446 Note that Nessus relie...

CVE-2019-6446

creationtimestamp| type| source ---|---|--- 2025-07-21 22:33:42+00:00| seen| Telegram/wxiFf6M25dJVugcc06YfWpabY2xLpV5-zYBKwGZZSxarg...

CVE-2025-6446

creationtimestamp| type| source ---|---|--- 2025-06-21 23:30:45+00:00| published-proof-of-concept| Telegram/5DOq2DiFQqVGP4NgcBlMmGjMiliyLoJ8urq1ooGyZBVufk 2025-06-21 23:43:48+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19139 2025-06-22 02:15:49+00:00| seen|...

CVE-2025-6446 code-projects Client Details System index.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Client Details System 1.0. This issue affects some unknown processing of the file /clientdetails/admin/index.php. The manipulation of the argument Username leads to sql injection. The attack may be initiated...

CVE-2025-6446

CVE-2025-6446 affects code-projects Client Details System 1.0, where SQL injection arises from lack of validation of the Username parameter in /clientdetails/admin/index.php. The issue allows remote exploitation, with publicly disclosed exploits and potential disclosure/exfiltration of database d...

CVE-2025-6446 code-projects Client Details System index.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Client Details System 1.0. This issue affects some unknown processing of the file /clientdetails/admin/index.php. The manipulation of the argument Username leads to sql injection. The attack may be initiated...

TencentOS Server 3: numpy (TSSA-2022:0057)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0057 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Alibaba Cloud Linux 3 : 0057: numpy (ALINUX3-SA-2022:0057)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0057 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-6446: DISPUTED An issue was discovered in...

CVE-2024-6446

creationtimestamp| type| source ---|---|--- 2024-09-12 19:48:04+00:00| seen| https://t.me/cvedetector/5500...

CVE-2024-6446 Business Logic Errors in GitLab

An issue has been discovered in GitLab affecting all versions starting from 17.1 to 17.1.7, 17.2 prior to 17.2.5 and 17.3 prior to 17.3.2. A crafted URL could be used to trick a victim to trust an attacker controlled application...

CVE-2024-6446 Business Logic Errors in GitLab

An issue has been discovered in GitLab affecting all versions starting from 17.1 to 17.1.7, 17.2 prior to 17.2.5 and 17.3 prior to 17.3.2. A crafted URL could be used to trick a victim to trust an attacker controlled application...

RHEL 6 : numpy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - numpy: crafted serialized object passed in numpy.load in pickle python module allows arbitrary code...

RHEL 7 : numpy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - numpy: crafted serialized object passed in numpy.load in pickle python module allows arbitrary code...

RHEL 7 : numpy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - numpy: crafted serialized object passed in numpy.load in pickle python module allows arbitrary code...

WordPress Calculated Fields Form Plugin <= 1.2.40 is vulnerable to Cross Site Scripting (XSS)

Software Calculated Fields Form Type Plugin Vulnerable versions = 1.2.40 Fixed in 1.2.41 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6446 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 412adf4208bf Credits emad Required...

Ubuntu: Security Advisory (USN-6446-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6446-3)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6446-3 advisory. Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-6446-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6446-2 advisory. Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized...