CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

76 matches found

RedhatCVE•added 2026/03/26 3:17 p.m.•1 views

CVE-2026-32423

Missing Authorization vulnerability in Bowo Admin and Site Enhancements ASE admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements ASE: from n/a through = 8.4.0...

5.4CVSS5.8AI score0.00037EPSS

Exploits0References1

EUVD•added 2026/03/13 9:31 p.m.•0 views

EUVD-2026-11951

5.4CVSS5.8AI score0.00037EPSS

Exploits0References2

Cvelist•added 2026/03/13 11:42 a.m.•23 views

CVE-2026-32423 WordPress Admin and Site Enhancements (ASE) plugin <= 8.4.0 - Broken Access Control vulnerability

5.4CVSS0.00037EPSS

Exploits0References1

CVE•added 2026/03/13 11:42 a.m.•5 views

CVE-2026-32423

The CVE-2026-32423 entry concerns the WordPress Admin and Site Enhancements (ASE) plugin, version

5.4CVSS5.8AI score0.00037EPSS

Exploits0References1

RedhatCVE•added 2026/01/16 11:31 p.m.•3 views

CVE-2021-47808

Cotonti Siena 0.9.19 contains a stored cross-site scripting vulnerability in the admin configuration panel's site title parameter. Attackers can inject malicious JavaScript code through the 'maintitle' parameter to execute scripts when administrators view the page...

5.4CVSS6.3AI score0.00017EPSS

Exploits1References1

NVD•added 2026/01/16 12:16 a.m.•1 views

CVE-2021-47808

5.4CVSS0.00017EPSS

Exploits1References4

CVE•added 2026/01/15 11:25 p.m.•7 views

CVE-2021-47808

CVE-2021-47808 relates to Cotonti Siena 0.9.19, exposing a stored cross-site scripting (XSS) vulnerability in the admin configuration panel’s site title parameter. The issue allows injection of JavaScript through the ‘maintitle’ field, enabling script execution when administrators view the page. ...

5.4CVSS5.9AI score0.00017EPSS

Exploits1References4Affected Software1

RedhatCVE•added 2026/01/09 10:55 a.m.•2 views

CVE-2022-38281

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/site/list...

7.2CVSS8.1AI score0.00368EPSS

Exploits1References1

Positive Technologies•added 2026/01/01 12:0 a.m.•2 views

PT-2026-7318

Name of the Vulnerable Software and Affected Versions Kanboard versions prior to 1.2.50 Description Kanboard is project management software. A Cross-Site Request Forgery CSRF issue exists in the ProjectPermissionController. The application does not strictly enforce the application/json Content-Ty...

5.7CVSS5.4AI score0.00021EPSS

Exploits1References9

GithubExploit•added 2025/12/29 6:28 p.m.•104 views

Exploit for CVE-2025-15495

CVE-2025-15495 - Arbitrary File Upload Leading to Remote Code...

5.8CVSS7.8AI score0.00034EPSS

Exploits2

RedhatCVE•added 2025/12/10 2:22 p.m.•3 views

CVE-2025-64255

2.7CVSS6.9AI score0.00033EPSS

Exploits0References1

NVD•added 2025/12/09 4:18 p.m.•3 views

CVE-2025-64255

2.7CVSS0.00033EPSS

Exploits0References1

CVE•added 2025/12/09 2:13 p.m.•7 views

CVE-2025-64255

Technical details for CVE-2025-64255 are not provided in the supplied documents. No information on affected versions, root cause, exploit scenarios, or fixes. Monitor for updates from official advisories and connected sources.

2.7CVSS6.5AI score0.00033EPSS

Exploits0References1

Cvelist•added 2025/12/09 2:13 p.m.•26 views

CVE-2025-64255 WordPress Admin and Site Enhancements (ASE) plugin <= 8.0.8 - Broken Access Control vulnerability

2.7CVSS0.00033EPSS

Exploits0References1