Lucene search
K

1885 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2016-9854

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display...

5.3CVSS6.4AI score0.02157EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2016-2044

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted...

5.3CVSS6.5AI score0.02033EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2016-9853

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display...

5.3CVSS6.4AI score0.02542EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2016-2038

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request,...

5.3CVSS6.5AI score0.02564EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-25151

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - opentelemetry-go-contrib is a collection of extensions for OpenTelemetry-Go. The v0.38.0 release of go.opentelemetry.io/contrib/instrumentation/net/http/otelhtt...

7.5CVSS7AI score0.00973EPSS
Exploits1References2
CNVD
CNVD
added 2025/07/25 12:0 a.m.9 views

WordPress Birth Chart Compatibility plugin Information Disclosure Vulnerability

WordPress Birth Chart Compatibility plugin is a tool for testing horoscope pairing compatibility. WordPress Birth Chart Compatibility plugin suffers from an information disclosure vulnerability that originates from direct access to the index.php file resulting in full path disclosure, which can b...

5.3CVSS6.2AI score0.01567EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/07/24 10:22 a.m.11 views

CVE-2025-6082

The Birth Chart Compatibility plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0. This is due to insufficient protection against directly accessing the plugin's index.php file, which causes an error exposing the full path. This makes it possible f...

5.3CVSS6AI score0.01567EPSS
Exploits2References1
GithubExploit
GithubExploit
added 2025/07/22 3:38 p.m.314 views

Exploit for CVE-2025-6082

CVE-2025-6082 Full Path Disclosure PoC Author: Byte Reape...

5.3CVSS9.8AI score0.01567EPSS
Exploits2
NVD
NVD
added 2025/07/22 10:15 a.m.14 views

CVE-2025-6082

The Birth Chart Compatibility plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0. This is due to insufficient protection against directly accessing the plugin's index.php file, which causes an error exposing the full path. This makes it possible f...

5.3CVSS0.01567EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2025/07/22 9:22 a.m.7 views

CVE-2025-6082 Birth Chart Compatibility <= 2.0 - Unauthenticated Full Path Exposure

The Birth Chart Compatibility plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0. This is due to insufficient protection against directly accessing the plugin's index.php file, which causes an error exposing the full path. This makes it possible f...

5.3CVSS6.2AI score0.01567EPSS
Exploits2References3
CVE
CVE
added 2025/07/22 9:22 a.m.39 views

CVE-2025-6082

The CVE-2025-6082 vulnerability affects the Birth Chart Compatibility WordPress plugin (versions up to 2.0). The root cause is an information-disclosure flaw that allows unauthenticated users to directly access the plugin’s index.php, triggering PHP warnings/fatal errors and revealing the server’...

5.3CVSS6.2AI score0.01567EPSS
Exploits2References3
Cvelist
Cvelist
added 2025/07/22 9:22 a.m.22 views

CVE-2025-6082 Birth Chart Compatibility <= 2.0 - Unauthenticated Full Path Exposure

The Birth Chart Compatibility plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0. This is due to insufficient protection against directly accessing the plugin's index.php file, which causes an error exposing the full path. This makes it possible f...

5.3CVSS0.01567EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2025/07/22 12:0 a.m.12 views

PT-2025-30385 · WordPress · Birth Chart Compatibility

Name of the Vulnerable Software and Affected Versions: Birth Chart Compatibility plugin for WordPress versions prior to 2.1 Description: The Birth Chart Compatibility plugin for WordPress is susceptible to full path disclosure due to insufficient protection against direct access to the plugin's...

5.3CVSS6.2AI score0.01567EPSS
Exploits2References11
Patchstack
Patchstack
added 2025/07/21 10:18 p.m.15 views

WordPress Birth Chart Compatibility plugin <= 2.0 - Unauthenticated Full Path Exposure vulnerability

Unauthenticated Full Path Exposure vulnerability discovered by Amin Beheshti in WordPress Plugin Birth Chart Compatibility versions = 2.0...

5.3CVSS6.7AI score0.01567EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/06/20 3:3 p.m.5 views

CVE-2025-52719 WordPress ProfileGrid plugin <= 5.9.5.2 - Full Path Disclosure (FPD) Vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Retrieve Embedded Sensitive Data.This issue affects ProfileGrid : from n/a through = 5.9.5.2...

4.3CVSS5.9AI score0.00216EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/20 3:3 p.m.15 views

CVE-2025-52719 WordPress ProfileGrid plugin <= 5.9.5.2 - Full Path Disclosure (FPD) Vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Retrieve Embedded Sensitive Data.This issue affects ProfileGrid : from n/a through = 5.9.5.2...

4.3CVSS0.00216EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/06/19 3:35 p.m.11 views

WordPress ProfileGrid plugin <= 5.9.5.2 - Full Path Disclosure (FPD) Vulnerability

Full Path Disclosure FPD Vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin ProfileGrid versions = 5.9.5.2...

4.3CVSS6.8AI score0.00216EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/08 4:0 a.m.20 views

CVE-2025-5733

The Modern Events Calendar Lite plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 7.21.9. This is due improper or insufficient validation of the id property when exporting calendars. This makes it possible for unauthenticated attackers to retrieve th...

5.3CVSS5AI score0.00288EPSS
Exploits0References1
NVD
NVD
added 2025/06/06 4:16 a.m.12 views

CVE-2025-5733

The Modern Events Calendar Lite plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 7.21.9. This is due improper or insufficient validation of the id property when exporting calendars. This makes it possible for unauthenticated attackers to retrieve th...

5.3CVSS0.00288EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/06/06 3:41 a.m.5 views

CVE-2025-5733 Modern Events Calendar <= 7.21.9 - Information Exposure

The Modern Events Calendar Lite plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 7.21.9. This is due improper or insufficient validation of the id property when exporting calendars. This makes it possible for unauthenticated attackers to retrieve th...

5.3CVSS6.8AI score0.00288EPSS
Exploits0References3
Rows per page
Query Builder