Lucene search
K

6612 matches found

Nuclei
Nuclei
added yesterday29 views

Sourcecodester Simple Client Management System 1.0 - SQL Injection

Sourcecodester Simple Client Management System 1.0 contains a SQL injection vulnerability via the username field in login.php. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id:...

9.8CVSS7.4AI score0.07515EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday46 views

Hospital Management System 1.0 - SQL Injection

Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /HMS/doctor.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id:...

9.8CVSS7.4AI score0.07537EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday18 views

Pinterest Automatic < 4.14.4 - Unauthenticated Arbitrary Options Update

The Pinterest Automatic plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the 'wppinterestautomaticparserequest' function and the 'processform.php' script in versions up to, and including, 1.14.3. This makes it possible for unauthenticated attackers to...

9.8CVSS7.3AI score0.04528EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday28 views

MLflow Job API - Authentication Bypass

MLflow latest version contains an authentication bypass caused by unprotected FastAPI job endpoints under /ajax-api/3.0/jobs/ when basic-auth is enabled, letting unauthenticated network clients submit and manage jobs, exploit requires job execution enabled and allowlisted job functions. id:...

9.8CVSS7.4AI score0.04392EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday44 views

Mura CMS <10.0.580 - Authentication Bypass

Mura CMS before 10.0.580 is susceptible to authentication bypass in the Remember Me function. An attacker can bypass authentication via a crafted web request and thereby obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected...

9.8CVSS7.4AI score0.03644EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday39 views

Old Age Home Management System v1.0 - SQL Injection

Old Age Home Management 1.0 is vulnerable to SQL Injection via the username parameter. id: CVE-2023-33338 info: name: Old Age Home Management System v1.0 - SQL Injection author: Harsh severity: critical description: | Old Age Home Management 1.0 is vulnerable to SQL Injection via the username...

9.8CVSS7.4AI score0.03662EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday94 views

PHPIPAM <v1.5.1 - Missing Authorization

In phpIPAM 1.5.1, an unauthenticated user could download the list of high-usage IP subnets that contains sensitive information such as a subnet description, IP ranges, and usage rates via findfullsubnets.php endpoint. The bug lies in the fact that findfullsubnets.php does not verify if the user i...

7.5CVSS6.7AI score0.37304EPSS
Exploits1References1
Nuclei
Nuclei
added yesterday87 views

Ultimate Member < 2.6.7 - Unauthenticated Privilege Escalation

The plugin does not prevent visitors from creating user accounts with arbitrary capabilities, effectively allowing attackers to create administrator accounts at will. This is actively being exploited in the wild. id: CVE-2023-3460 info: name: Ultimate Member 2.6.7 - Unauthenticated Privilege...

9.8CVSS7.7AI score0.72306EPSS
Exploits12References5
Nuclei
Nuclei
added yesterday8 views

Service Finder Bookings - Authentication Bypass

Service Finder Bookings WordPress plugin = 6.0 contains a privilege escalation caused by improper validation of user cookie in servicefinderswitchback function, letting unauthenticated attackers login as any user including admins. id: CVE-2025-5947 info: name: Service Finder Bookings -...

9.8CVSS7.6AI score0.057EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday26 views

Login as User or Customer < 3.3 - Privilege Escalation

The plugin lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session. id: CVE-2022-4305 info: name: Login as User or Customer 3.3 - Privilege Escalation author: r3Y3r53 severity: critical...

9.8CVSS7.3AI score0.38625EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday147 views

Popup-Maker < 1.8.12 - Broken Authentication

An issue was discovered in the Popup Maker plugin before 1.8.13 for WordPress. An unauthenticated attacker can partially control the arguments of the doaction function to invoke certain popmake or pum methods, as demonstrated by controlling content and delivery of popmake-system-info.txt aka the...

9.1CVSS7.3AI score0.09232EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday49 views

Cyber Cafe Management System 1.0 - SQL Injection

Cyber Cafe Management System 1.0 contains multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of th...

9.8CVSS7.4AI score0.21282EPSS
Exploits1References5
CVE
CVE
added yesterday9 views

CVE-2026-7840

CVE-2026-7840 (UltraVNC repeater) : A global buffer overflow in the embedded HTTP administration server affects UltraVNC repeater versions up to 1.8.2.2. The functions wi_senderr() and wi_replyhdr() copy the caller-supplied HTTP request URI into a fixed 1000-byte buffer (hdrbuf) using unchecked s...

9.8CVSS6.6AI score0.01203EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday12 views

CVE-2026-7829 UltraVNC repeater authenticated out-of-bounds write in rule parser via oversized token

UltraVNC repeater through 1.8.2.2 contains a post-authentication out-of-bounds write in the allow/deny rule parser. In repeater/webgui/settings.c:225-272, after strncpys copies a rule token into temp1rule1 25-byte destination or temp2/temp3 16-byte destination, the code unconditionally writes a N...

7.2CVSS0.00504EPSS
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-40414

Presenton before 0.8.8-beta bundles an MCP server that, on server/Docker deployments configured with session authentication AUTHUSERNAME/AUTHPASSWORD, is reachable unauthenticated at /mcp because the nginx front-end does not apply the authrequest gate to that path and the MCP server auto-mints a...

6.9CVSS5.8AI score0.00437EPSS
Exploits0References6
NVD
NVD
added 2 days ago7 views

CVE-2026-37106

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration a non-default feature...

9.8CVSS0.00258EPSS
Exploits0References3
CVE
CVE
added 2 days ago76 views

CVE-2026-10109

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling...

9.8CVSS6.4AI score0.0086EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-50734

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes t...

7.5CVSS5.7AI score0.00524EPSS
Exploits0References2Affected Software3
Nuclei
Nuclei
added 2 days ago28 views

Directory Management System 1.0 - SQL Injection

Directory Management System 1.0 contains multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the...

9.8CVSS7.4AI score0.1833EPSS
Exploits1References5
Nuclei
Nuclei
added 2 days ago49 views

Redash Setup Configuration - Default Secrets Disclosure

Redash Setup Configuration is vulnerable to default secrets disclosure Insecure Default Initialization of Resource. If an admin sets up Redash versions =10.0 and prior without explicitly specifying the REDASHCOOKIESECRET or REDASHSECRETKEY environment variables, a default value is used for both...

8.1CVSS6.6AI score0.08017EPSS
Exploits1References5
Rows per page
Query Builder