Lucene search
K

4743 matches found

NVD
NVD
added 2026/06/04 2:16 p.m.15 views

CVE-2019-25730

Listing Hub CMS 1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to pages.php with crafted id values using error-based SQL injection techniques to...

8.8CVSS0.0027EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/04 1:22 p.m.9 views

CVE-2019-25730 Listing Hub CMS 1.0 SQL Injection via pages.php id

Listing Hub CMS 1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to pages.php with crafted id values using error-based SQL injection techniques to...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/04 1:22 p.m.8 views

CVE-2019-25730

Listing Hub CMS 1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to pages.php with crafted id values using error-based SQL injection techniques to...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/04 1:22 p.m.39 views

CVE-2019-25730 Listing Hub CMS 1.0 SQL Injection via pages.php id

Listing Hub CMS 1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to pages.php with crafted id values using error-based SQL injection techniques to...

8.8CVSS0.0027EPSS
Exploits0References5
CVE
CVE
added 2026/06/04 1:22 p.m.38 views

CVE-2019-25730

CVE-2019-25730 affects Listing Hub CMS 1.0 . A vulnerability in the page pages.php where the id parameter is exploited via error-based SQL injection , allowing unauthenticated remote attackers to run arbitrary queries. The attacker can extract sensitive data such as database credentials, username...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.21 views

PT-2026-46200

Listing Hub CMS 1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to pages.php with crafted id values using error-based SQL injection techniques to...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/02 7:42 a.m.18 views

Important: Red Hat Security Advisory: Multicluster Global Hub 1.3.4 security update

Multicluster Global Hub v1.3.4 general availability release images, which provide security fixes, bug fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

9.8CVSS7.3AI score0.01557EPSS
Exploits3References21
RedHat Linux
RedHat Linux
added 2026/06/01 10:12 p.m.22 views

Important: Red Hat Security Advisory: Multicluster Global Hub 1.4.5 security update

Multicluster Global Hub v1.4.5 general availability release images, which provide security fixes, bug fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

9.1CVSS7.5AI score0.08123EPSS
Exploits5References36
CVE
CVE
added 2026/06/01 4:13 p.m.33 views

CVE-2026-45131

CloudPirates Open Source Helm Charts are affected by a vulnerability in the GitHub Actions pull-request.yaml workflow where attacker-controlled code from fork pull requests could run in a privileged context, exposing repository secrets (e.g., Docker Hub credentials/tokens). The issue precedes com...

10CVSS5.8AI score0.00275EPSS
Exploits0References2
Securelist
Securelist
added 2026/06/01 10:0 a.m.21 views

Containers on fire: from container escapes to supply chain attacks

Introduction Modern infrastructures universally rely on containerization to deploy applications, scale services, and build cloud platforms. The use of Docker, Kubernetes, and similar technologies has become the corporate standard for efficient automation. However, as containers grow in popularity...

9.3CVSS7.7AI score0.9857EPSS
Exploits61
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.16 views

PT-2026-45467

Name of the Vulnerable Software and Affected Versions CloudPirates Open Source Helm Charts versions prior to commit fcf9302 Description A GitHub Actions workflow in the pull-request.yaml file executes attacker-controlled code from fork pull requests within a privileged context. This allows for th...

10CVSS5.5AI score0.00275EPSS
Exploits0References9
Snyk
Snyk
added 2026/05/29 10:9 p.m.13 views

Malicious Package

Overview @rsi-community/hub-schema is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/29 10:2 p.m.10 views

MAL-2026-5050 Malicious code in @rsi-community/hub-client-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1809bcf5bcd98744f995fb8ad94581a2708daa99f40bf4e4d563e17c5c81b4b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/29 10:2 p.m.20 views

Malicious code in @rsi-community/hub-client-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1809bcf5bcd98744f995fb8ad94581a2708daa99f40bf4e4d563e17c5c81b4b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
Securelist
Securelist
added 2026/05/29 7:0 a.m.13 views

What’s in the container? Analyzing vulnerabilities, risks and protection with Kaspersky Container Security and the KIRA AI assistant

Introduction Containerization using Docker has become firmly established in modern development standards, significantly increasing the speed and convenience of deploying various services. Developers often use ready-made Docker images, making only minimal changes. The largest repository of contain...

6.1AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/29 1:20 a.m.12 views

SUSE CVE-2026-45134

LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to LangSmith SDK Python 0.8.0 and JS/TS 0.6.0, the LangSmith SDK's prompt pull methods pullprompt / pullpromptcommit in Python, pullPrompt / pullPromptCommit in JS/TS fetch and deserialize prompt manifests from...

7.1CVSS5.8AI score0.00199EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/05/28 8:39 p.m.23 views

Important: Red Hat Security Advisory: Multicluster Global Hub 1.5.4 security update

Multicluster Global Hub v1.5.4 general availability release images, which provide security fixes, bug fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

9.1CVSS7.1AI score0.08123EPSS
Exploits5References36
OSV
OSV
added 2026/05/28 8:43 a.m.8 views

BIT-JUPYTERHUB-2026-40864 JupyterHub: Cross-origin form POSTs bypass XSRF

JupyterHub is software that allows users to create a multi-user server for Jupyter notebooks. In versions 4.1.0 through 5.4.4, XSRF protection updated in 4.1.0 inappropriately treated requests with Sec-Fetch-Mode: no-cors as same-origin requests, bypassing XSRF checks. The JSON API is not affecte...

5.4CVSS5.8AI score0.00159EPSS
Exploits1References3
HackRead
HackRead
added 2026/05/27 12:21 p.m.14 views

Link11 is fully committed to Europe and is opening a Customer Excellence Hub in Lisbon

Frankfurt am Main, Germany, 27th May 2026, CyberNewswire...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

sherlock 操作系统命令注入漏洞

Sherlock is an open-source username search tool developed by Sherlock. Versions of Sherlock prior to 0.16.1 contained a vulnerability related to operating system command injection. This vulnerability originated from the pullrequesttarget trigger in the GitHub Actions workflow...

9.3CVSS6.1AI score0.01141EPSS
Exploits1References1
Rows per page
Query Builder