
11 matches found

CNNVD
added 2026/04/01 12:0 a.m., 2 views

WordPress plugin Booking for Appointments and Events Calendar - Amelia SQL injection vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The WordPres...

6.5 CVSS, 5.9 AI score, 0.00013 EPSS
Exploits 0, References 5

Snyk
added 2026/03/25 5:45 p.m., 3 views

Arbitrary File Upload

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Arbitrary File Upload in the saveFile function. An authenticated user with manage permissions on a video can execute arbitrary code on the server by uploading a...

8.8 CVSS, 6.2 AI score, 0.0039 EPSS
Exploits 1, References 2

EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2021-0192

Malware in sbrugna...

4.3 CVSS, 4.5 AI score, 0.0012 EPSS
Exploits 0, References 7

OSV
added 2021/06/15 4:11 p.m., 17 views

GHSA-4MG4-WVMX-5332 Server-Side Request Forgery in Plone

Plone through 5.2.4 allows remote authenticated managers to conduct SSRF attacks via an event ical URL, to read one line of a file...

5.3 CVSS, 4.5 AI score, 0.0012 EPSS
Exploits 0, References 6

GitHub Security Blog
added 2021/06/15 4:11 p.m., 53 views

Incorrect Permission Assignment for Critical Resource in Plone

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script...

9.9 CVSS, 4.3 AI score, 0.00846 EPSS
Exploits 0, References 5, Affected Software 1

OSV
added 2021/06/15 4:11 p.m., 25 views

GHSA-HM2P-FHWX-9285 Incorrect Permission Assignment for Critical Resource in Plone

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script...

9.9 CVSS, 9 AI score, 0.00846 EPSS
Exploits 0, References 6

OSV
added 2021/05/21 10:15 p.m., 11 views

CVE-2021-33509

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script...

9.9 CVSS, 6.5 AI score
Exploits 0, References 2

PyPA
added 2021/05/21 10:15 p.m., 4 views

PYSEC-2021-82

Plone through 5.2.4 allows remote authenticated managers to conduct SSRF attacks via an event ical URL, to read one line of a file...

4.3 CVSS, 6.8 AI score, 0.0012 EPSS
Exploits 0, References 3, Affected Software 1

Prion
added 2021/05/21 10:15 p.m., 12 views

Code injection

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script...

8.5 CVSS, 8.9 AI score, 0.00846 EPSS
Exploits 0, References 2, Affected Software 1

OSV
added 2021/05/21 10:15 p.m., 15 views

PYSEC-2021-81

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script...

9.9 CVSS, 4.8 AI score, 0.00846 EPSS
Exploits 0, References 3

CVE
added 2021/05/21 9:33 p.m., 109 views

CVE-2021-33509

Plone 5.2.4 and earlier are affected by an arbitrary file-write vulnerability. Remote authenticated managers can cause disk I/O by sending crafted keyword arguments to the ReStructuredText transform in Python scripts, enabling potential file writes to the server. Root cause is exposed via docutil...

9.9 CVSS, 8.9 AI score, 0.00846 EPSS
Exploits 0, References 2, Affected Software 1