6234 matches found
baserCMS has a cross-site scripting vulnerability in blog posts
baserCMS has a cross-site scripting vulnerability in blog posts. Target: baserCMS 5.2.1 and earlier versions. Vulnerability: Malicious JavaScript may be executed in blog posts. Countermeasures: Update to the latest version of baserCMS. Please refer to the following page to reference for more...
GHSA-VH89-RJPH-2G7P baserCMS has an SQL injection vulnerability in its blog post functionality
baserCMS has a SQL injection vulnerability in blog posts. Target: baserCMS 5.2.2 and earlier versions. Vulnerability: Malicious SQL may be executed in blog posts. Countermeasures: Update to the latest version of baserCMS. Please refer to the following page to reference for more information...
EUVD-2026-17257
baserCMS has an SQL injection vulnerability in its blog post functionality...
CVE-2026-30282

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-31 18:34:34+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3miesvzalqn2t |
| 2026-03-31 18:58:54+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mieubjuhm622 |
| 2026-04-07 23:00:14+00:00 | seen | ... |

CVE-2026-32725

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-31 18:31:07+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3miesptmlej2s |
| 2026-03-31 18:55:53+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mieu45uy4c2g |
| 2026-03-31 19:20:34+00:00 | published-proof-of-concept | ... |

CVE-2026-32620
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, non-staff users could access read receipt information for staff-only posts they weren't supposed to see. No post content w...
CVE-2026-32620 Discourse: Missing post-level authorization allows whisper metadata disclosure
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, non-staff users could access read receipt information for staff-only posts they weren't supposed to see. No post content w...
EUVD-2026-17559
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, non-staff users could access read receipt information for staff-only posts they weren't supposed to see. No post content w...
CVE-2026-32620
Summary: CVE-2026-32620 affects Discourse. From 2026.1.0-latest up to before 2026.1.3, 2026.2.0-latest up to before 2026.2.2, and 2026.3.0-latest up to before 2026.3.0, non-staff users could access read receipt metadata for staff-only posts they were not supposed to see. No post content was expos...
CVE-2026-24154

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-31 17:28:52+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3miepain7xw2r |
| 2026-03-31 17:29:01+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3miepasmjts2r |
| 2026-03-31 17:34:33+00:00 | seen | ... |

CVE-2026-21632

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-31 17:00:00+00:00 | seen | https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0384/ |
| 2026-04-01 12:03:23+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mignjhtn7k2z |
| 2026-04-01 12:20:17+00:00 | seen | ... |

CVE-2026-21630

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-31 17:00:00+00:00 | seen | https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0384/ |
| 2026-04-01 12:20:17+00:00 | seen | https://bsky.app/profile/o2cloud.bsky.social/post/3migohoedj52z |
| 2026-04-01 12:23:25+00:00 | seen | ... |

CVE-2026-5286

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-31 17:00:00+00:00 | seen | https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0385/ |
| 2026-04-01 06:00:29+00:00 | seen | https://infosec.exchange/users/offseq/statuses/116327922216539438 |
| 2026-04-01 06:00:29+00:00 | seen | ... |

CVE-2025-15618

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-31 16:32:59+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3miem4mcox32r |
| 2026-03-31 16:33:18+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3miem562nc42m |
| 2026-03-31 17:24:25+00:00 | ... |

CVE-2026-34240

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-31 16:28:32+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mielun7v3j2r |
| 2026-03-31 16:28:33+00:00 | seen | https://bsky.app/profile/potato.software/post/3mieluoldg22e |
| 2026-03-31 16:29:03+00:00 | seen | ... |

CVE-2026-0596

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-31 16:24:43+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mielnttg7r2z |
| 2026-03-31 16:31:07+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mielzbemc32s |
| 2026-03-31 17:24:40+00:00 | published-proof-of-concept | ... |