Lucene search
K

665 matches found

Cvelist
Cvelist
added 2026/06/05 10:28 p.m.32 views

CVE-2026-7654 Admin Columns <= 7.0.18 - Authenticated (Contributor+) PHP Object Injection to Remote Code Execution via Custom Field Meta Value

The Admin Columns plugin for WordPress is vulnerable to PHP Object Injection leading to Remote Code Execution in versions up to and including 7.0.18. This is due to the use of unserialize without an allowedclasses restriction in the IdsToCollection::getidsfromstring function, which processes...

8.8CVSS0.00652EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.12 views

CVE-2026-8653

The MasterStudy LMS Pro Plus plugin for WordPress is vulnerable to generic SQL Injection via the 'columns' parameter in all versions up to, and including, 4.8.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

6.5CVSS5.7AI score0.00217EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/05 3:52 p.m.14 views

NocoDB: Hidden LTAR Column Exposure in Public Shared-View Relation Endpoints

Summary The public shared-view relation endpoints accepted a caller-supplied column ID without verifying that the column was visible in the shared view, so anyone holding a share UUID could read links from any LTAR column on the view's table — including columns the view owner had hidden. Details...

6.9CVSS5.5AI score0.00239EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/05 3:52 p.m.4 views

GHSA-9WGH-M22W-9XJ8 NocoDB: Hidden LTAR Column Exposure in Public Shared-View Relation Endpoints

Summary The public shared-view relation endpoints accepted a caller-supplied column ID without verifying that the column was visible in the shared view, so anyone holding a share UUID could read links from any LTAR column on the view's table — including columns the view owner had hidden. Details...

6.9CVSS5.5AI score0.00239EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/06/05 12:0 a.m.9 views

WordPress Admin Columns plugin <= 7.0.18 - Authenticated (Contributor+) PHP Object Injection to Remote Code Execution vulnerability

Authenticated Contributor+ PHP Object Injection to Remote Code Execution vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Admin Columns versions = 7.0.18...

8.8CVSS5.7AI score0.00652EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.17 views

PT-2026-47065

Name of the Vulnerable Software and Affected Versions Admin Columns versions prior to 7.0.19 Description The plugin is subject to PHP Object Injection, which can lead to Remote Code Execution. This occurs because the get ids from string function in the IdsToCollection class uses unserialize witho...

8.8CVSS6.1AI score0.00652EPSS
Exploits1References16
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.7 views

WordPress plugin Admin Columns 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

8.8CVSS6.2AI score0.00652EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.18 views

PT-2026-46992

Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.05.1 Description Public shared-view relation endpoints fail to verify if a caller-supplied column ID is visible in the shared view. This allows anyone with a share UUID to read links from any LTAR...

6.9CVSS5.8AI score0.00239EPSS
Exploits0References10
NVD
NVD
added 2026/06/04 2:16 a.m.9 views

CVE-2026-8653

The MasterStudy LMS Pro Plus plugin for WordPress is vulnerable to generic SQL Injection via the 'columns' parameter in all versions up to, and including, 4.8.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

6.5CVSS0.00217EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 1:26 a.m.40 views

CVE-2026-8653 MasterStudy LMS Pro Plus <= 4.8.20 - Authenticated (Instructor+) SQL Injection via 'columns' Parameter

The MasterStudy LMS Pro Plus plugin for WordPress is vulnerable to generic SQL Injection via the 'columns' parameter in all versions up to, and including, 4.8.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

6.5CVSS0.00217EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/04 1:26 a.m.7 views

CVE-2026-8653

The MasterStudy LMS Pro Plus plugin for WordPress is vulnerable to generic SQL Injection via the 'columns' parameter in all versions up to, and including, 4.8.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

6.5CVSS5.9AI score0.00217EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/04 1:26 a.m.9 views

CVE-2026-8653 MasterStudy LMS Pro Plus <= 4.8.20 - Authenticated (Instructor+) SQL Injection via 'columns' Parameter

The MasterStudy LMS Pro Plus plugin for WordPress is vulnerable to generic SQL Injection via the 'columns' parameter in all versions up to, and including, 4.8.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

6.5CVSS5.9AI score0.00217EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 1:26 a.m.17 views

CVE-2026-8653

The MasterStudy LMS Pro Plus plugin for WordPress is vulnerable to a generic SQL Injection via the 'columns' parameter in all versions up to and including 4.8.20, caused by insufficient escaping of the user-supplied value and inadequate query preparation. Authenticated attackers with instructor-l...

6.5CVSS5.9AI score0.00217EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/04 1:26 a.m.11 views

EUVD-2026-34191

The MasterStudy LMS Pro Plus plugin for WordPress is vulnerable to generic SQL Injection via the 'columns' parameter in all versions up to, and including, 4.8.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

6.5CVSS5.9AI score0.00217EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.15 views

PT-2026-46129

The MasterStudy LMS Pro Plus plugin for WordPress is vulnerable to generic SQL Injection via the 'columns' parameter in all versions up to, and including, 4.8.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

6.5CVSS5.9AI score0.00217EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/27 4:59 p.m.8 views

CVE-2026-48149

Budibase is an open-source low-code platform. Prior to 3.39.0, the Budibase Text component renders markdown by assigning marked.parsemarkdown straight to innerHTML with no sanitizer packages/bbui/src/Markdown/MarkdownViewer.svelte:22. Any column a builder binds to a Text component in Markdown mod...

8.1CVSS5.8AI score0.00226EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.8 views

Snipe-IT 跨站脚本漏洞

Snipe-IT is a set of open-source IT asset/license management systems developed by Grokability. Versions of Snipe-IT prior to 8.4.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from unescaped notes columns, which could lead to cross-site scripting attacks...

5.4CVSS5.6AI score0.00218EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/17 12:11 p.m.8 views

CVE-2018-25338

Zechat 1.5 contains a SQL injection vulnerability in the hashtag parameter that allows unauthenticated attackers to extract database information using union-based techniques. Attackers can exploit the hashtag parameter with union-based payloads to retrieve table and column names...

8.8CVSS5.9AI score0.00267EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: postgresql (UTSA-2026-017576)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017576 advisory. A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns...

4.3CVSS5.8AI score0.01466EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/07 1:57 p.m.9 views

CVE-2026-44349 Daptin fuzzy search injects unvalidated column name into raw SQL

Daptin is a GraphQL/JSON-API headless CMS. Prior to version 0.11.5, processFuzzySearch in server/resource/resourcefindallpaginated.go:1484 splits the user-supplied column parameter by comma and interpolates each segment directly into goqu.Lfmt.Sprintf"LOWER%s LIKE ?", prefix+col raw SQL with no...

7.1CVSS5.8AI score0.00305EPSS
Exploits0References2
Rows per page
Query Builder