CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

1070 matches found

RedhatCVE•added 2025/05/23 6:24 a.m.•2 views

CVE-2024-29320

Wallos before 1.15.3 is vulnerable to SQL Injection via the category and payment parameters to /subscriptions/get.php...

8.1CVSS8AI score0.00138EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 5:58 a.m.•1 views

CVE-2023-31453

Incorrect Permission Assignment for Critical Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. The attacker can delete others' subscriptions, even if they are not the owner of the deleted subscription. Users are advised ...

7.5CVSS6.9AI score0.00454EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:30 a.m.•4 views

CVE-2023-41317

The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Affected versions are subject to a Denial-of-Service DoS type vulnerability which causes the Router to panic and terminate when GraphQL Subscriptions are...

7.5CVSS6.6AI score0.00258EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:37 a.m.•5 views

CVE-2023-35914

Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Woo Subscriptions.This issue affects Woo Subscriptions: from n/a through 5.1.2...

7.5CVSS7.8AI score0.00178EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 3:55 a.m.•9 views

CVE-2023-34226

In JetBrains TeamCity before 2023.05 reflected XSS in the Subscriptions page was possible...

6.1CVSS6AI score0.00033EPSS

RedhatCVE•added 2025/05/23 2:39 a.m.•1 views

CVE-2023-23629

Metabase is an open source data analytics platform. Affected versions are subject to Improper Privilege Management. As intended, recipients of dashboards subscriptions can view the data as seen by the creator of that subscription. This allows someone with greater access to data to create a...

6.3CVSS6.3AI score0.00097EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:17 a.m.•4 views

CVE-2023-51522

Cross-Site Request Forgery CSRF vulnerability in Cozmoslabs Paid Member Subscriptions.This issue affects Paid Member Subscriptions: from n/a through 2.10.4...

8.8CVSS8.6AI score0.00074EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:31 p.m.•4 views

CVE-2022-2498

An issue in pipeline subscriptions in GitLab EE affecting all versions from 12.8 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 triggered new pipelines with the person who created the tag as the pipeline creator instead of the subscription's author...

7.5CVSS6.4AI score0.002EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:3 p.m.•1 views

CVE-2021-24728

The Membership & Content Restriction – Paid Member Subscriptions WordPress plugin before 2.4.2 did not sanitise, validate or escape its order and orderby parameters before using them in SQL statement, leading to Authenticated SQL Injections in the Members and Payments pages...

8.8CVSS7.4AI score0.01539EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 11:21 a.m.•6 views

CVE-2013-1829

calendar/managesubscriptions.php in Moodle 2.4.x before 2.4.2 does not consider capability requirements before displaying calendar subscriptions, which allows remote authenticated users to obtain potentially sensitive information by leveraging the student role...

4CVSS6AI score0.00199EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:53 a.m.•4 views

CVE-2012-6106

calendar/managesubscriptions.php in the Manage Subscriptions implementation in Moodle 2.4.x before 2.4.1 omits a capability check, which allows remote authenticated users to remove course-level calendar subscriptions by leveraging the student role and sending an iCalendar object...

5.5CVSS6.5AI score0.00442EPSS

Exploits0References1

Positive Technologies•added 2025/04/17 12:0 a.m.•4 views

PT-2025-16940 · Undefined · Undefined

CVE-2025-4162026 Security Advisory https://t.co/BNN9CFmeav Vulnerability Alert Subscriptions: https://t.co/hrQhy5uz4x...

Exploits0References1

Positive Technologies•added 2025/04/14 12:0 a.m.•3 views

PT-2025-16279 · Autogpt · Autogpt

Name of the Vulnerable Software and Affected Versions: AutoGPT versions prior to 0.6.1 Description: The AutoGPT Platform's WebSocket API transmitted node execution updates to subscribers based on the graph id+graph version. However, there was no check prohibiting users from subscribing with anoth...

3.5CVSS6.5AI score0.00214EPSS

Exploits0References10

CNNVD•added 2025/04/09 12:0 a.m.•2 views

Shopware 安全漏洞

Shopware is a suite of open source e-commerce software from the German company Shopware. A security vulnerability exists in Shopware versions prior to 6.6.10.3 and prior to 6.5.8.17, which stems from a default setting that allows unconfirmed bulk news subscriptions...

6.9CVSS6.3AI score0.00441EPSS

Exploits0References1

RedhatCVE•added 2025/03/30 10:24 a.m.•16 views

CVE-2025-31088

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows Stored XSS.This issue affects Paid Member Subscriptions: from n/a through = 2.14.3...

6.5CVSS7.2AI score0.00277EPSS

Exploits0References1

RedhatCVE•added 2025/03/29 12:8 p.m.•10 views

CVE-2025-30900

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zoho Subscriptions Zoho Billing – Embed Payment Form allows Stored XSS. This issue affects Zoho Billing – Embed Payment Form: from n/a through 4.0...

6.5CVSS7AI score0.00237EPSS

Exploits0References1

Patchstack•added 2025/03/28 10:36 a.m.•1 views

WordPress Paid Member Subscriptions plugin <= 2.14.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Paid Member Subscriptions versions = 2.14.3...

6.5CVSS6.2AI score0.00277EPSS

Exploits0Affected Software1

NVD•added 2025/03/28 10:15 a.m.•7 views

CVE-2025-31088

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows Stored XSS.This issue affects Paid Member Subscriptions: from n/a through = 2.14.3...

6.5CVSS0.00277EPSS

Exploits0References1

Cvelist•added 2025/03/28 9:39 a.m.•13 views

CVE-2025-31088 WordPress Paid Member Subscriptions plugin <= 2.14.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows Stored XSS.This issue affects Paid Member Subscriptions: from n/a through = 2.14.3...

6.5CVSS0.00277EPSS

Exploits0References1

Vulnrichment•added 2025/03/28 9:39 a.m.•9 views

CVE-2025-31088 WordPress Paid Member Subscriptions plugin <= 2.14.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows Stored XSS.This issue affects Paid Member Subscriptions: from n/a through = 2.14.3...

6.5CVSS7.2AI score0.00277EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by