Lucene search
K

5 matches found

Nuclei
Nuclei
added 17 hours ago16 views

Google ADK-Python - Unauthenticated Builder Endpoint

Google Agent Development Kit ADK 1.7.0 through 1.28.1 and 2.0.0a1 through 2.0.0a2 on Python OSS, Cloud Run, and GKE contains a code injection and missing authentication vulnerability, letting unauthenticated remote attackers execute arbitrary code on the server, exploit requires no authentication...

10CVSS6.4AI score0.01816EPSS
Exploits0References1
NVD
NVD
added 2026/06/19 6:17 a.m.12 views

CVE-2026-8118

The Royal Addons for Elementor – Addons and Templates Kit for Elementor plugin for WordPress is vulnerable to Arbitrary File Read in versions 1.7.1058 through 1.7.1059. This is due to the wprgetcsvhandle helper introduced in version 1.7.1058 as part of the patch for CVE-2026-6229 falling back to...

6.5CVSS0.0024EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.17 views

PT-2026-50845

Name of the Vulnerable Software and Affected Versions The Royal Addons for Elementor – Addons and Templates Kit for Elementor versions 1.7.1058 through 1.7.1059 Description An arbitrary file read issue exists due to the wpr get csv handle helper function. When the settings.table upload csv.url...

6.5CVSS6AI score0.0024EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/08 2:30 a.m.40 views

CVE-2026-11480 Chengdu Everbrite Network Technology BeikeShop Admin Design Builder Endpoint admin.php sql injection

A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22. Impacted is an unknown function of the file beike/Admin/Routes/admin.php of the component Admin Design Builder Endpoint. Performing a manipulation of the argument settings.value results in sql injection. I...

6.5CVSS0.002EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/12/04 12:0 a.m.5 views

Adobe Experience Manager (AEM) Querybuilder Internal Path Read

The remote Adobe Experience Manager AEM server is configured to allow unauthenticated users to access internal paths using the Querybuilder endpoint. This may allow an attacker to read sensitive files from the server. The Querybuilder endpoint is typically located at /bin/querybuilder.json and...

6.9AI score
Exploits0References1
Rows per page
Query Builder