Lucene search
K

114 matches found

ATTACKERKB
ATTACKERKB
added 4 days ago8 views

CVE-2026-13080

The WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.12.7 via the 'logKey' parameter parameter. This makes it possible for authenticated attackers, with administrator-leve...

6.6CVSS6.5AI score0.0071EPSS
Exploits0References11
EUVD
EUVD
added 2026/07/06 6:0 a.m.4 views

EUVD-2024-55649

The Notifications for Forms & WordPress Actions WordPress plugin before 2.6 does not validate a user-supplied value before using it to build a server-side file inclusion path, allowing authenticated users with subscriber-level access and above to include and execute arbitrary local PHP files on t...

7.5CVSS6.2AI score0.00318EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 6:0 a.m.9 views

CVE-2024-6228

The CVE-2024-6228 vulnerability affects the Notifications for Forms & WordPress Actions WordPress plugin (before version 2.6). It occurs because the plugin does not validate a user-supplied value when building a server-side file inclusion path, enabling authenticated users with subscriber-level a...

7.5CVSS6.2AI score0.00318EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 4:3 p.m.5 views

EUVD-2026-39467

ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.178-lts, any authenticated user with builder role free tier can overwrite a globally-shared marketplace plugin with arbitrary JavaScript that executes...

9.4CVSS6.1AI score0.00256EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 8:57 p.m.28 views

CVE-2026-45689

Summary: Rocket.Chat prior to versions 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11 is affected by a pre-auth NoSQL injection at the OAuth2 token endpoint. An unauthenticated attacker can send a crafted HTTP POST to /oauth/token using MongoDB query operators, bypassing grant-para...

9.1CVSS6.1AI score0.00308EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/23 4:8 p.m.3 views

Security Bulletin: Unauthenticated Server-Side RCE via PythonCodeStructuredTool in Public Flows

Summary Langflow OSS contains unauthenticated server-side RCE via PythonCodeStructuredTool executing attacker-controlled Python through exec at flow-build time. Sink in execself.toolcode, globals, localnamespace where toolcode is attacker-controlled template field. Two paths: A Authenticated POST...

10CVSS6AI score0.00314EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/20 1:16 p.m.12 views

CVE-2026-48908

A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code...

10CVSS0.01569EPSS
Exploits6References5
ATTACKERKB
ATTACKERKB
added 2026/06/20 11:56 a.m.14 views

CVE-2026-48939

A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachment feature, ultimately resulting in PHP code upload and execution...

10CVSS6AI score0.01505EPSS
Exploits4References2Affected Software1
OSV
OSV
added 2026/06/17 5:16 p.m.4 views

DEBIAN-CVE-2025-26240

In JazzCore python-pdfkit 1.0.0, the fromstring method enables the execution of JavaScript code within the context of the server application and the exfiltration of local files...

8.4CVSS6AI score0.00392EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/06 6:43 p.m.14 views

CVE-2026-49493

Markdown Preview Enhanced before 0.8.28 parses Bitfield fenced code blocks with interpretJS, which evaluates the block content as code via vm.runInNewContext, allowing arbitrary code execution. A crafted markdown document containing a malicious bitfield code block executes attacker-controlled cod...

8.8CVSS5.9AI score0.00327EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.11 views

CVE-2026-8832

The WPCode - Insert Headers and Footers + Custom Code Snippets - WordPress Code Manager plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.3.5 This is due to the 'wpcode' custom post type being registered without a custom capabilitytype or capability...

8.8CVSS5.7AI score0.01214EPSS
Exploits2References1
NVD
NVD
added 2026/06/05 6:17 p.m.12 views

CVE-2026-49493

Markdown Preview Enhanced before 0.8.28 parses Bitfield fenced code blocks with interpretJS, which evaluates the block content as code via vm.runInNewContext, allowing arbitrary code execution. A crafted markdown document containing a malicious bitfield code block executes attacker-controlled cod...

8.8CVSS0.00327EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.22 views

PT-2026-47093

Name of the Vulnerable Software and Affected Versions DbGate versions prior to 7.1.9 Description The "POST /runners/load-reader" endpoint accepts a functionName parameter that is directly interpolated into a JavaScript code template without sanitization or validation. An authenticated user with...

8.8CVSS5.9AI score0.0051EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.19 views

PT-2026-43573

The WPCode - Insert Headers and Footers + Custom Code Snippets - WordPress Code Manager plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.3.5 This is due to the 'wpcode' custom post type being registered without a custom capability type or capability...

8.8CVSS5.8AI score0.01214EPSS
Exploits2References9
EUVD
EUVD
added 2026/05/12 3:31 a.m.8 views

EUVD-2026-29372

Due to improper Spring Security configuration, SAP Commerce cloud allows an unauthenticated user to perform malicious configuration upload and code injection, resulting in arbitrary server-side code execution, leading to high impact on Confidentiality, Integrity, and Availability of the applicati...

9.6CVSS6AI score0.0061EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/12 2:20 a.m.50 views

CVE-2026-34263 Missing authentication check in SAP Commerce cloud configuration

Due to improper Spring Security configuration, SAP Commerce Cloud allows an unauthenticated user to perform malicious input injection, resulting in arbitrary server-side code execution, leading to high impact on Confidentiality, Integrity, and Availability of the application...

9.6CVSS0.0061EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/11 12:32 p.m.10 views

EUVD-2026-29047

Path traversal vulnerability exists in GROWI v7.5.0 and earlier, which may allow an attacker to execute arbitrary EJS templates on the server when an email server is running in GROWI...

8.6CVSS7.3AI score0.00495EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.21 views

PT-2026-39922

Name of the Vulnerable Software and Affected Versions SAP Commerce cloud affected versions not specified Description Improper Spring Security configuration allows an unauthenticated user to perform malicious configuration upload and code injection. This can result in arbitrary server-side code...

10CVSS6AI score0.0061EPSS
Exploits0References22
Vulnrichment
Vulnrichment
added 2026/04/29 7:50 p.m.4 views

CVE-2026-34965 Cockpit CMS Authenticated Remote Code Execution via Collections

Cockpit CMS contains an authenticated remote code execution vulnerability in the /cockpit/collections/savecollection endpoint that allows authenticated attackers with collection management privileges to inject arbitrary PHP code into collection rules parameters. Attackers can inject malicious PHP...

8.8CVSS6.5AI score0.00825EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.7 views

PT-2026-37153

Name of the Vulnerable Software and Affected Versions i18next-fs-backend versions prior to 2.6.4 Description i18next-fs-backend substitutes the lng and ns options directly into the configured loadPath and addPath templates to read or write files from the disk. Because this interpolation is...

8.2CVSS6AI score0.00292EPSS
Exploits0References4
Rows per page
Query Builder