Lucene search
K

121 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-24747

Malware in sbrugna...

8.8CVSS8.6AI score0.01414EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-1783

Malware in sbrugna...

6.4CVSS6.4AI score0.02268EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2009-4634

Malware in sbrugna...

7.5CVSS6.4AI score0.02271EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2001-0086

Malware in sbrugna...

5CVSS6.4AI score0.01606EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-51623

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00486EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/08/24 4:6 p.m.7 views

CVE-2025-55741

UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. In versions 0.3.0 and earlier, users without the Delete privilege for products are unable to delete individual products via the standard endpoint, as expected. However, these users can bypass intend...

8.1CVSS6.2AI score0.00387EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2025/05/27 1:14 a.m.4 views

SUSE CVE-2025-3580

An access control vulnerability was discovered in Grafana OSS where an Organization administrator could permanently delete the Server administrator account. This vulnerability exists in the DELETE /api/org/users/ endpoint. The vulnerability can be exploited when: 1. An Organization administrator...

5.5CVSS6.9AI score0.00378EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 9:19 a.m.4 views

CVE-2024-5895

A vulnerability, which was classified as critical, has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. This issue affects the function deleteusers of the file /classes/Users.php?f=delete. The manipulation of the argument id leads to sql injection. The attack may be...

9.8CVSS8.1AI score0.00612EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:52 p.m.7 views

CVE-2022-4266

The Bulk Delete Users by Email WordPress plugin through 1.2 does not have CSRF check when deleting users, which could allow attackers to make a logged in admin delete non admin users by knowing their email via a CSRF attack...

6.5CVSS6.8AI score0.00326EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:11 a.m.9 views

CVE-2012-1897

Multiple cross-site request forgery CSRF vulnerabilities in Wolf CMS 0.75 and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 delete users via the user id number to admin/user/delete; 2 delete pages via the page id number to admin/page/delete;...

6.8CVSS7.7AI score0.0119EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.4 views

WordPress plugin MelaPress Login Security和WordPress plugin MelaPress Login Security Premium 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.2CVSS8.2AI score0.00355EPSS
Exploits0References6
OSV
OSV
added 2025/03/23 5:15 p.m.3 views

CVE-2025-2655

A vulnerability was detected in SourceCodester AC Repair and Services System 1.0. The affected element is the function saveusers/deleteusers of the file /classes/Users.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The...

9.8CVSS5.8AI score0.00547EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/02/23 12:19 a.m.11 views

CVE-2025-25767

A vertical privilege escalation vulnerability in the component /controller/UserController.java of MRCMS v3.1.2 allows attackers to arbitrarily delete users via a crafted request...

4.8CVSS7AI score0.00306EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/02/12 12:0 a.m.4 views

Q-Free MAXTIME Suite 安全漏洞

Q-Free MAXTIME Suite is a software suite for local traffic signal management from Q-Free. A security vulnerability exists in Q-Free MAXTIME Suite version 2.11.0 and prior versions that stems from a missing authorization in maxprofile/users/routes.lua. An attacker could exploit the vulnerability t...

8.1CVSS6.3AI score0.00509EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 12:0 a.m.17 views

CVE-2024-54927

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteusers.php...

7.3AI score0.00475EPSS
Exploits1References1
OSV
OSV
added 2024/11/13 8:15 p.m.4 views

CVE-2024-40443

SQL Injection vulnerability in Simple Laboratory Management System using PHP and MySQL v.1.0 allows a remote attacker to cause a denial of service via the deleteusers function in the Useres.php...

4.3CVSS5.9AI score0.00738EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.5 views

SOCIFI Guest wifi 安全漏洞

SOCIFI Guest wifi is a web portal of SOCIFI UK. A security vulnerability exists in SOCIFI Guest wifi. An attacker exploiting this vulnerability could switch to another guest dashboard and perform actions such as modifying users, deleting users, etc...

7.6CVSS6.7AI score0.00326EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/12 12:0 a.m.9 views

PT-2024-10906 · Socifi · Socifi Guest Wifi

Name of the Vulnerable Software and Affected Versions: SOCIFI Socifi Guest wifi as SAAS wifi portal affected versions not specified Description: The issue concerns insecure permissions, allowing any authorized customer with partner mode to switch to another customer dashboard. This enables them t...

7.6CVSS6.9AI score0.00326EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/08/29 12:0 a.m.9 views

PT-2024-37150 · WordPress · Tutor Lms Pro

Name of the Vulnerable Software and Affected Versions: The Tutor LMS Pro plugin for WordPress versions up to, and including, 2.7.2 Description: The issue allows authenticated attackers with subscriber-level access and above to perform administrative actions on the site, such as deleting comments,...

7.1CVSS6.8AI score0.00355EPSS
Exploits0References10
OSV
OSV
added 2024/08/12 1:38 p.m.4 views

CVE-2024-7667

A vulnerability, which was classified as critical, was found in SourceCodester Car Driving School Management System 1.0. This affects the function deleteusers of the file User.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The...

5.3CVSS6.5AI score0.00542EPSS
Exploits1References4
Rows per page
Query Builder