Lucene search
K

485 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/07 3:13 a.m.6 views

CVE-2026-42147

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, S3 storage endpoint validation only checks URL format and testConnection sends a server-side request to the configured endpoint, allowing an authenticated user with storage...

4.9CVSS5.9AI score0.00255EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/14 12:0 a.m.26 views

CVE-2026-37590

SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/rents/managerent.php...

0.00186EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.8 views

SourceCodester Storage Unit Rental Management System 安全漏洞

The SourceCodester Storage Unit Rental Management System is an open-source system developed by SourceCodester, designed to help manage rental records for storage units and monitor those records. Version 1.0 of the SourceCodester Storage Unit Rental Management System contains a security...

2.7CVSS5.9AI score0.00186EPSS
Exploits0References1
CVE
CVE
added 2026/04/14 12:0 a.m.13 views

CVE-2026-37589

SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in /storage/admin/maintenance/manage_storage_unit.php. The CVE entry (CVE-2026-37589) is corroborated by multiple sources (NVD, ENISA EUVD, CVE List, AttackersKB, CVE enrichment) indicating a SQL injection fl...

2.7CVSS5.9AI score0.00186EPSS
Exploits0References1
NVD
NVD
added 2026/03/08 5:16 p.m.4 views

CVE-2026-3750

A security vulnerability has been detected in ContiNew Admin up to 4.2.0. This issue affects the function URI.create of the file continew-system/src/main/java/top/continew/admin/system/factory/S3ClientFactory.java of the component Storage Management Module. The manipulation leads to server-side...

7.2CVSS0.00353EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/03/08 4:32 p.m.6 views

CVE-2026-3750

A security vulnerability has been detected in ContiNew Admin up to 4.2.0. This issue affects the function URI.create of the file continew-system/src/main/java/top/continew/admin/system/factory/S3ClientFactory.java of the component Storage Management Module. The manipulation leads to server-side...

5.8CVSS5.3AI score0.00353EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/08 4:32 p.m.38 views

CVE-2026-3750 ContiNew Admin Storage Management S3ClientFactory.java URI.create server-side request forgery

A security vulnerability has been detected in ContiNew Admin up to 4.2.0. This issue affects the function URI.create of the file continew-system/src/main/java/top/continew/admin/system/factory/S3ClientFactory.java of the component Storage Management Module. The manipulation leads to server-side...

5.8CVSS0.00353EPSS
Exploits1References4
OSV
OSV
added 2026/03/08 4:32 p.m.6 views

CVE-2026-3750 ContiNew Admin Storage Management S3ClientFactory.java URI.create server-side request forgery

A security vulnerability has been detected in ContiNew Admin up to 4.2.0. This issue affects the function URI.create of the file continew-system/src/main/java/top/continew/admin/system/factory/S3ClientFactory.java of the component Storage Management Module. The manipulation leads to server-side...

5.1CVSS5.3AI score0.00353EPSS
Exploits1References6
CVE
CVE
added 2026/03/08 4:32 p.m.11 views

CVE-2026-3750

CVE-2026-3750 affects ContiNew Admin up to 4.2.0; the vulnerability lies in the function URI.create in continew-system/src/main/java/top/continew/admin/system/factory/S3ClientFactory.java of the Storage Management Module, enabling server-side request forgery. The issue can be exploited remotely (...

7.2CVSS5.3AI score0.00353EPSS
Exploits1References4Affected Software1
Broadcom
Broadcom
added 2026/03/03 12:0 a.m.21 views

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate...

7.8CVSS6AI score0.0788EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2026/01/09 10:52 a.m.7 views

CVE-2022-42250

Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/inquiries/viewdetails.php?id=...

7.2CVSS7.9AI score0.00837EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:52 a.m.9 views

CVE-2022-42243

Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/managestorage.php?id=...

7.2CVSS7.9AI score0.00854EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:51 a.m.6 views

CVE-2022-42230

Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/admin/?page=user/manageuser=...

7.2CVSS8.1AI score0.00617EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/25 9:17 p.m.11 views

CVE-2025-68919

Fujitsu / Fsas Technologies ETERNUS SF ACM/SC/Express DX / AF Management Software before 16.8-16.9.1 PA 2025-12, when collected maintenance data is accessible by a principal/authority other than ETERNUS SF Admin, allows an attacker to potentially affect system confidentiality, integrity, and...

5.6CVSS6.9AI score0.00099EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/02 7:22 a.m.6 views

CVE-2025-13813

A vulnerability was identified in moxi159753 Mogu Blog v2 up to 5.2. This issue affects some unknown processing of the file /storage/ of the component Storage Management Endpoint. The manipulation leads to missing authorization. The attack can be initiated remotely. The attack's complexity is rat...

8.1CVSS5.2AI score0.00409EPSS
Exploits1References1
NVD
NVD
added 2025/12/01 7:16 a.m.6 views

CVE-2025-13813

A vulnerability was identified in moxi159753 Mogu Blog v2 up to 5.2. This issue affects some unknown processing of the file /storage/ of the component Storage Management Endpoint. The manipulation leads to missing authorization. The attack can be initiated remotely. The attack's complexity is rat...

8.1CVSS0.00409EPSS
Exploits1References5
EUVD
EUVD
added 2025/12/01 7:2 a.m.7 views

EUVD-2025-199958

A vulnerability was identified in moxi159753 Mogu Blog v2 up to 5.2. This issue affects some unknown processing of the file /storage/ of the component Storage Management Endpoint. The manipulation leads to missing authorization. The attack can be initiated remotely. The attack's complexity is rat...

6.3CVSS5.2AI score0.00409EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/12/01 7:2 a.m.2 views

CVE-2025-13813 moxi159753 Mogu Blog v2 Storage Management Endpoint storage authorization

A vulnerability was identified in moxi159753 Mogu Blog v2 up to 5.2. This issue affects some unknown processing of the file /storage/ of the component Storage Management Endpoint. The manipulation leads to missing authorization. The attack can be initiated remotely. The attack's complexity is rat...

6.3CVSS6.1AI score0.00409EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.5 views

Mogu blog 安全漏洞

Mogu blog 蘑菇博客 is a micro-architecture based front-end and back-end shared blogging system by individual developers in Streamlet, China. A security vulnerability exists in Mogu blog v2 5.2 and earlier versions, which originates from a lack of authorization checking in the file /storage/ in the...

8.1CVSS5.6AI score0.00409EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/12/01 12:0 a.m.8 views

PT-2025-48416

Name of the Vulnerable Software and Affected Versions moxi159753 Mogu Blog versions up to 5.2 Description A flaw exists in the Storage Management Endpoint component of moxi159753 Mogu Blog. The issue involves unauthorized processing of the /storage/ file, leading to a missing authorization check...

8.1CVSS5.1AI score0.00409EPSS
Exploits1References10
Rows per page
Query Builder