Lucene search
K

889 matches found

Cvelist
Cvelist
added 2026/04/08 6:43 a.m.21 views

CVE-2026-5169 Inquiry form to posts or pages <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Form Header Field

The Inquiry Form to Posts or Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Form Header' field in versions up to and including 1.0. This is due to insufficient input sanitization when saving via updateoption and lack of output escaping when displaying the stored...

4.4CVSS0.00254EPSS
Exploits0References7
Patchstack
Patchstack
added 2026/04/07 11:22 p.m.5 views

WordPress Inquiry form to posts or pages plugin <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Form Header Field vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via Form Header Field vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Inquiry form to posts or pages versions = 1.0...

4.4CVSS5.9AI score0.00254EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.3 views

PT-2026-30507

eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to bypass administrator authentication and disclose sensitive files by injecting SQL code into parameters. Attackers can exploit the key parameter in the login endpoint with union-based SQL injection t...

8.8CVSS6AI score0.00529EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/04 6:17 a.m.10 views

AVideo: Unauthenticated Information Disclosure via Missing Auth on CloneSite client.log.php

Summary The plugin/CloneSite/client.log.php endpoint serves the clone operation log file without any authentication. Every other endpoint in the CloneSite plugin directory enforces User::isAdmin. The log contains internal filesystem paths, remote server URLs, and SSH connection metadata. Details...

5.3CVSS5.9AI score0.00367EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.7 views

PT-2026-30336

Name of the Vulnerable Software and Affected Versions AVideo versions 26.0 and prior Description The plugin/CloneSite/client.log.php endpoint serves the clone operation log file without authentication. Other endpoints in the CloneSite plugin directory enforce User::isAdmin. The log contains...

5.3CVSS6AI score0.00367EPSS
Exploits1References5
Snyk
Snyk
added 2026/04/01 11:25 p.m.1 views

Cross-site Scripting (XSS)

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Cross-site Scripting XSS in the rendering of menu item fields such as icon classes, URLs, and text labels without proper output encoding in the TopMenu plugin. An...

6.1CVSS5.8AI score0.00167EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/01 10:30 p.m.6 views

Directory Traversal

Overview phpmyfaq/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Directory Traversal via the index function in MediaBrowserController when the fileRemove action is triggered and user input is concatenated with the...

8.7CVSS6.5AI score0.00693EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/01 10:30 p.m.4 views

Directory Traversal

Overview thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Directory Traversal via the index function in MediaBrowserController when the fileRemove action is triggered and user input is concatenated with the...

8.7CVSS6.5AI score0.00693EPSS
Exploits1References2
OSV
OSV
added 2026/03/31 10:47 p.m.6 views

GHSA-C5C6-37VQ-PJCQ baserCMS Path Traversal Leads to Arbitrary File Write and RCE via Theme File API

Summary A path traversal vulnerability exists in the baserCMS 5.x theme file management API /baser/api/admin/bc-theme-file/themefiles/add.json that allows arbitrary file write. An authenticated administrator can include ../ sequences in the path parameter to create a PHP file in an arbitrary...

7.2CVSS6.8AI score0.01049EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/03/31 10:27 p.m.5 views

baserCMS has OS Command Injection Leading to Remote Code Execution (RCE)

Summary In the core update functionality of baserCMS, some parameters sent from the admin panel are passed to the exec function without proper validation or escaping. This issue allows an authenticated CMS administrator to execute arbitrary OS commands on the server Remote Code Execution, RCE. Th...

9.1CVSS6.5AI score0.02282EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.5 views

PT-2026-29023

I’ve added a new entry to my CVE list , CVE number 1️⃣ 3️⃣ . CVE-2026-4315 The issue is a Cross-Site Request Forgery CSRF in the Fireware OS Web UI that can allow a remote attacker to trigger a denial-of-service DoS condition by luring an authenticated administrator into visiting a malicious page...

7.1CVSS5.9AI score0.00223EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/26 6:4 p.m.8 views

LibreNMS is Vulnerable to Remote Code Execution by Arbitrary File Write

Summary A vulnerability has been identified that allows an authenticated administrator to execute arbitrary code on the host server. By modifying the binary path settings for built-in network tools and bypassing an input filter, an attacker with administrative privileges can download and execute...

8.5CVSS6.3AI score0.07533EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:19 p.m.7 views

CVE-2025-55040

The import form CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to upload and install malicious form definitions through a CSRF attack. The vulnerable cForm.importform function lacks CSRF token validation, enabling malicious websites to forge file upload requests that install...

8.8CVSS5.8AI score0.00163EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:19 p.m.4 views

CVE-2025-55044

The Trash Restore CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to restore deleted content from the trash to unauthorized locations through CSRF. The vulnerable cTrash.restore function lacks CSRF token validation, enabling malicious websites to forge requests that restore content...

8.8CVSS5.8AI score0.00128EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/03/26 10:22 a.m.134 views

Exploit for Argument Injection in Weblate

Weblate -- Arbitrary File Read via SSH Host Argument Injection...

9.1CVSS6AI score0.00447EPSS
Exploits3
Snyk
Snyk
added 2026/03/25 5:48 p.m.3 views

Cross-site Request Forgery (CSRF)

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the setPermission.json.php endpoint. An attacker can modify user group permissions and escalate privileges by tricking an...

8.8CVSS5.8AI score0.00172EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.7 views

PT-2026-28512

Name of the Vulnerable Software and Affected Versions Metabase Enterprise versions 1.47 through 1.54.21 Metabase Enterprise versions 1.55.0 through 1.55.21 Metabase Enterprise versions 1.56.0 through 1.56.21 Metabase Enterprise versions 1.57.0 through 1.57.15 Metabase Enterprise versions 1.58.0...

9CVSS6.2AI score0.00763EPSS
Exploits1References14
Patchstack
Patchstack
added 2026/03/23 6:27 p.m.5 views

WordPress Multi Functional Flexi Lightbox plugin <= 1.2 - Authenticated (Admin+) Stored Cross-Site Scripting via 'message' Parameter vulnerability

Authenticated Admin+ Stored Cross-Site Scripting via 'message' Parameter vulnerability discovered by san6051 - PWC in WordPress Plugin Multi Functional Flexi Lightbox versions = 1.2...

5.5CVSS5.8AI score0.0026EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/23 12:9 p.m.4 views

CVE-2026-31848 Reversible ecos_pw Cookie Allows Authentication Bypass in Nexxt Nebula 300+

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 uses the ecospw cookie for authentication, which contains Base64-encoded credential data combined with a static suffix. Because the encoding is reversible and lacks integrity protection, an attacker can reconstruct or forge a valid...

8.7CVSS5.8AI score0.00281EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/23 12:9 p.m.30 views

CVE-2026-31848 Reversible ecos_pw Cookie Allows Authentication Bypass in Nexxt Nebula 300+

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 uses the ecospw cookie for authentication, which contains Base64-encoded credential data combined with a static suffix. Because the encoding is reversible and lacks integrity protection, an attacker can reconstruct or forge a valid...

8.7CVSS0.00281EPSS
Exploits0References2
Rows per page
Query Builder