Lucene search
K

200 matches found

OSV
OSV
added 2026/03/25 11:53 p.m.5 views

CVE-2026-34056 OpenEMR has a Privilege Escalation that Allows a Low-Level User to View Admin-Only Data

OpenEMR is a free and open source electronic health records and medical practice management application. A Broken Access Control vulnerability in OpenEMR up to and including version 8.0.0.3 allows low-privilege users to view and download Ensora eRx error logs without proper authorization checks...

7.7CVSS5.8AI score0.00271EPSS
Exploits1References4
NVD
NVD
added 2026/03/13 7:55 p.m.6 views

CVE-2026-3045

The Appointment Booking Calendar — Simply Schedule Appointments plugin for WordPress is vulnerable to unauthorized access of sensitive data in all versions up to and including 1.6.9.29. This is due to two compounding weaknesses: 1 a non-user-bound publicnonce is exposed to unauthenticated users...

7.5CVSS0.0029EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/13 7:23 a.m.7 views

CVE-2026-3045

The Appointment Booking Calendar — Simply Schedule Appointments plugin for WordPress is vulnerable to unauthorized access of sensitive data in all versions up to and including 1.6.9.29. This is due to two compounding weaknesses: 1 a non-user-bound publicnonce is exposed to unauthenticated users...

7.5CVSS5.8AI score0.0029EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.10 views

PT-2026-25154

The Appointment Booking Calendar — Simply Schedule Appointments plugin for WordPress is vulnerable to unauthorized access of sensitive data in all versions up to and including 1.6.9.29. This is due to two compounding weaknesses: 1 a non-user-bound public nonce is exposed to unauthenticated users...

7.5CVSS5.8AI score0.0029EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2026/03/04 8:6 p.m.11 views

Vaultwarden has 2FA Bypass on Protected Actions due to Faulty Rate Limit Enforcement

Summary Vaultwarden v1.34.3 and prior are susceptible to a 2FA bypass when performing protected actions. An attacker who gains authenticated access to a users account can exploit this bypass to perform protected actions such as accessing the user's API key or deleting the user's vault and...

6CVSS5.9AI score0.0026EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/02/27 6:31 p.m.4 views

EUVD-2019-19718

Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pt' parameter. Attackers can send GET requests to the admin/getcmsdata.php endpoint with malicious 'pt' values to extract sensitive database...

8.8CVSS6AI score0.00315EPSS
Exploits1References4
CVE
CVE
added 2026/02/18 7:25 a.m.27 views

CVE-2026-1860

The Kali Forms WordPress plugin (versions

4.3CVSS5.6AI score0.00289EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2026/02/17 12:0 a.m.267 views

📄 n8n Workflow Automation Remote Configuration / Admin Data Extraction

This Metasploit module exploits multiple vulnerabilities in n8n workflow automation tool. It leverages a file read vulnerability to steal encryption keys and database, then uses stolen credentials to authenticate and execute arbitrary commands via the Execute Command node...

10CVSS9AI score0.71647EPSS
Exploits18
RedhatCVE
RedhatCVE
added 2026/02/12 1:4 a.m.10 views

CVE-2025-65127

A lack of session validation in the web API component of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote unauthenticated attackers to access administrative information-retrieval functions intended for authenticated users. By invoking "get" operations, attackers can obtain device...

6.5CVSS5.6AI score0.00324EPSS
Exploits0References1
NVD
NVD
added 2026/02/11 5:16 p.m.6 views

CVE-2025-65127

A lack of session validation in the web API component of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote unauthenticated attackers to access administrative information-retrieval functions intended for authenticated users. By invoking "get" operations, attackers can obtain device...

6.5CVSS0.00324EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/11 12:0 a.m.3 views

CVE-2025-65127

A lack of session validation in the web API component of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote unauthenticated attackers to access administrative information-retrieval functions intended for authenticated users. By invoking "get" operations, attackers can obtain device...

5.6AI score0.00324EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.5 views

PT-2026-7622

Name of the Vulnerable Software and Affected Versions Shenzhen Zhibotong Electronics ZBT WE2001 version 23.09.27 Description A missing session validation check within the web API component allows unauthenticated remote attackers to access administrative functions designed for authorized users...

5.5AI score0.00324EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/02/11 12:0 a.m.24 views

CVE-2025-65127

A lack of session validation in the web API component of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote unauthenticated attackers to access administrative information-retrieval functions intended for authenticated users. By invoking "get" operations, attackers can obtain device...

0.00324EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/06 6:10 p.m.27 views

CVE-2025-69216 OpenSTAManager has an SQL Injection in Scadenzario Print Template

OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an authenticated SQL injection vulnerability in OpenSTAManager's Scadenzario Payment Schedule print template allows any authenticated user to extract sensitive data from the database...

8.7CVSS0.00354EPSS
Exploits3References1
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.8 views

EspoCRM 安全漏洞

EspoCRM is an open-source, web-based Customer Relationship Management system CRM developed by EspoCRM. This system offers features such as sales automation, community management, and customer support. Version 5.8.5 of EspoCRM contains a security vulnerability. This vulnerability stems from an...

9.8CVSS5.8AI score0.00549EPSS
Exploits1References3
NVD
NVD
added 2026/01/29 3:16 p.m.5 views

CVE-2020-37008

EasyPMS 1.0.0 contains an authentication bypass vulnerability that allows unprivileged users to manipulate SQL queries in JSON requests to access admin user information. Attackers can exploit weak input validation by injecting single quotes in ID parameters and modify admin user passwords without...

8.7CVSS0.00456EPSS
Exploits0References3
CVE
CVE
added 2026/01/29 2:28 p.m.10 views

CVE-2020-37008

CVE-2020-37008 affects EasyPMS 1.0.0. The vulnerability is an authentication bypass that lets unprivileged users manipulate SQL queries in JSON requests by injecting single quotes in ID parameters, allowing access to admin user information and potential modification of admin passwords without pro...

8.7CVSS5.9AI score0.00456EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/29 2:28 p.m.4 views

CVE-2020-37008

EasyPMS 1.0.0 contains an authentication bypass vulnerability that allows unprivileged users to manipulate SQL queries in JSON requests to access admin user information. Attackers can exploit weak input validation by injecting single quotes in ID parameters and modify admin user passwords without...

8.7CVSS5.9AI score0.00456EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/27 9:23 p.m.5 views

CVE-2026-24437

Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.195037 serve sensitive administrative content without appropriate cache-control directives. As a result, browsers may store credential-bearing responses locally, exposing them to subsequent unauthorized access...

5.5CVSS5.9AI score0.00154EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/26 5:40 p.m.29 views

CVE-2026-24437 Tenda W30E V2 Missing Cache Controls for Credential-bearing Pages

Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.195037 serve sensitive administrative content without appropriate cache-control directives. As a result, browsers may store credential-bearing responses locally, exposing them to subsequent unauthorized access...

4.8CVSS0.00154EPSS
Exploits0References2
Rows per page
Query Builder