Lucene search
K

10 matches found

EUVD
EUVD
added 2026/06/06 1:26 a.m.11 views

EUVD-2026-34939

The Page-list plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.2. This is due to the pagelistunqprfxextshortcode function the pagelistext / pagelistext shortcode accepting attacker-controlled poststatus, posttype, and showmetakey attributes and...

4.3CVSS5.4AI score0.00224EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/21 9:11 p.m.30 views

CVE-2026-8240 Concrete CMS 9.5.0 and below is vulnerable to unauthenticated page metadata disclosure in Backend\SummaryTemplate

Concrete CMS 9.5.0 and below is vulnerable to unauthenticated page metadata disclosure across every page with a configured summary template, revealing the existence of private, draft, and restricted pages while leaking title, path, description, and author information. The Concrete CMS security te...

6.3CVSS0.00195EPSS
Exploits0References1
OSV
OSV
added 2026/03/23 8:38 p.m.3 views

GHSA-62CH-J6X7-722J Connect CMS: Information Disclosure Due to Improper Authorization through the Page Content Retrieval Feature

Security Advisory — Page Content Retrieval Improper Authorization Summary An improper authorization issue in the page content retrieval feature may allow retrieval of non-public information. Affected Versions - 1.x series: = 1.41.0 - 2.x series: = 2.41.0 Patched Versions - 1.41.1 - 2.41.1...

7.5CVSS5.7AI score0.00268EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-6735

Malicious code in bioql PyPI...

8.7CVSS6.3AI score0.00906EPSS
Exploits1References6
CVE
CVE
added 2025/08/19 8:52 p.m.24 views

CVE-2025-54144

Summary: CVE-2025-54144 affects Firefox for iOS before version 141. The URL scheme used to facilitate searching of text queries could be abused to open arbitrary website URLs or internal pages if a user is tricked into clicking a link. This is described as a security bypass in Firefox for iOS pri...

5.4CVSS5.9AI score0.0021EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/03/19 5:36 p.m.111 views

CVE-2025-29925

XWiki Platform REST API vulnerability CVE-2025-29925: the /rest/wikis/[wikiName]/pages endpoint could disclose information about protected/private pages to unauthenticated users before fixes. The issue occurs because the endpoint listed pages even when the user had no view rights, notably when th...

8.7CVSS6.3AI score0.00906EPSS
In wildExploits1References5Affected Software1
OSV
OSV
added 2024/05/30 12:15 p.m.6 views

CVE-2022-43841

IBM Aspera Console 3.4.0 through 3.4.2 PL9 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 239078...

3.3CVSS5.8AI score0.00158EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2021/04/15 12:0 a.m.555 views

WordPress 4.7-5.7 - Authenticated Password Protected Pages Exposure

Description The Latest Posts block in the WordPress editor can be exploited in a way that exposes password-protected posts and pages via the posts REST API when the "edit" context was used. This requires at least contributor privileges. PoC 1. As one user, create a new password protected post...

6.5CVSS5.3AI score0.02331EPSS
Exploits1References4
CNVD
CNVD
added 2017/11/06 12:0 a.m.7 views

Catalyst Mahara Information Disclosure Vulnerability (CNVD-2017-36220)

Catalyst Mahara is a social networking system from Catalyst IT in New Zealand. The system includes a blog, resume builder, file manager, and more. A security vulnerability exists in Catalyst Mahara. An attacker can exploit the vulnerability to receive and view watchlist notifications about pages...

4.3CVSS6.8AI score0.00663EPSS
Exploits0References1
NVD
NVD
added 2001/11/28 5:0 a.m.25 views

CVE-2001-0926

SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers to obtain source code for Java server pages .jsp and other files in the web root via an HTTP request for a non-existent SSI page, in which the request's body has an include statement...

5CVSS6.8AI score0.02469EPSS
Exploits0References4
Rows per page
Query Builder