Lucene search
K

13 matches found

Vulnrichment
Vulnrichment
added 2025/09/15 12:0 a.m.4 views

CVE-2025-57104

Teampel 5.1.6 is vulnerable to SQL Injection in /Common/login.aspx...

7.6AI score0.00185EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/15 12:0 a.m.8 views

PT-2025-37730

Name of the Vulnerable Software and Affected Versions Teampel version 5.1.6 Description Teampel version 5.1.6 is susceptible to SQL Injection through the /Common/login.aspx API endpoint. Recommendations As a temporary workaround, consider restricting access to the /Common/login.aspx endpoint unti...

5.4CVSS7.6AI score0.00185EPSS
Exploits0References5
VulnCheck KEV
VulnCheck KEV
added 2025/06/20 12:0 a.m.6 views

VulnCheck KEV: CVE-2025-25037

An information disclosure vulnerability exists in Aquatronica Controller System firmware versions = 5.1.6 and web interface versions = 2.0. The tcp.php endpoint fails to restrict unauthenticated access, allowing remote attackers to issue crafted POST requests and retrieve sensitive...

9.3CVSS5.8AI score0.01443EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/03/27 11:3 a.m.4 views

WordPress LatePoint plugin <= 5.1.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin LatePoint versions = 5.1.6...

6.5CVSS6.1AI score0.00331EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/12/12 5:50 p.m.4 views

WordPress Essential Real Estate plugin <= 5.1.6 - Missing Authorization to Authenticated (Contributor+) Information Exposure vulnerability

Missing Authorization to Authenticated Contributor+ Information Exposure vulnerability discovered by Noah Stead TurtleBurg in WordPress Plugin Essential Real Estate versions = 5.1.6...

4.3CVSS6.9AI score0.0035EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/12/12 12:0 a.m.6 views

WordPress plugin Essential Real Estate 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information...

4.3CVSS8.1AI score0.0035EPSS
Exploits0References2
OSV
OSV
added 2023/04/29 3:15 a.m.6 views

CVE-2022-41736

IBM Spectrum Scale Container Native Storage Access 5.1.2.1 through 5.1.6.0 contains an unspecified vulnerability that could allow a local user to obtain root privileges. IBM X-Force ID: 237810...

7.8CVSS5.8AI score0.00194EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.3 views

SUSE CVE-2018-16476

A Broken Access Control vulnerability in Active Job versions = 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1,...

6.5CVSS6.7AI score0.02559EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 2022/05/06 12:0 a.m.2 views

CVE-2022-27588

We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.6 build 20220401 and later...

9.8CVSS5.9AI score0.01271EPSS
Exploits0References2
OSV
OSV
added 2022/05/05 5:15 p.m.6 views

CVE-2022-27588

We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.6 build 20220401 and later...

9.8CVSS5.8AI score0.01271EPSS
Exploits0References1
OSV
OSV
added 2021/11/26 2:15 p.m.5 views

CVE-2021-38685

A command injection vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR FW 5.1.6 build 20211109 and later...

9.8CVSS7.4AI score0.01471EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/10/18 5:58 a.m.4 views

128 Technology Session Smart Router vulnerable to authentication bypass

Overview 128 Technology Session Smart Router provided by 128 Technology contains an authentication bypass vulnerability CWE-287. Genta Kataoka of IERAE SECURITY INC. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

9.8CVSS7.4AI score0.01666EPSS
Exploits0References6
CNVD
CNVD
added 2019/12/04 12:0 a.m.3 views

Linux kernel memory misreference vulnerability (CNVD-2019-46994)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A memory misreference vulnerability exists in versions of Linux kernel prior to 5.1.6. No details of the vulnerabilit...

7.8CVSS7.1AI score0.00378EPSS
Exploits0References1
Rows per page
Query Builder