Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/06 9:47 p.m.7 views

CVE-2026-35452

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/CloneSite/client.log.php endpoint serves the clone operation log file without any authentication. Every other endpoint in the CloneSite plugin directory enforces User::isAdmin. The log contains internal filesyste...

5.3CVSS5.9AI score0.00367EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.6 views

PT-2026-4275

Name of the Vulnerable Software and Affected Versions Palantir Apollo Aries Service affected versions not specified Description A flaw exists in Palantir's Aries service that permitted unauthenticated access to log viewing and management features on Apollo instances when using the default...

6.6CVSS5.4AI score0.00368EPSS
Exploits0References4
wpexploit
wpexploit
added 2021/12/21 12:0 a.m.118 views

Simple Download Monitor < 3.9.9 - Multiple CSRF

The plugin does not enforce nonce checks, which could allow attackers to perform CSRF attacks to 1 make admins export logs to exploit a separate log disclosure vulnerability fixed in 3.9.6, 2 delete logs fixed in 3.9.9, 3 remove thumbnail image from downloads To export logs which could then be...

8.8CVSS8.6AI score0.0063EPSS
Exploits2
Patchstack
Patchstack
added 2021/10/05 12:0 a.m.18 views

WordPress Simple Download Monitor plugin <= 3.9.5.1 - Unauthenticated Log Access vulnerability

Unauthenticated Log Access vulnerability discovered by apple502j in WordPress Simple Download Monitor plugin versions = 3.9.5.1. Solution Update the WordPress Simple Download Monitor plugin to the latest available version at least 3.9.6...

7.5CVSS3.9AI score0.01625EPSS
Exploits2References3Affected Software1
The Hacker News
The Hacker News
added 2020/06/25 10:8 a.m.7 views

Critical Bugs and Backdoor Found in GeoVision's Fingerprint and Card Scanners

GeoVision, a Taiwanese manufacturer of video surveillance systems and IP cameras, recently patched three of the four critical flaws impacting its card and fingerprint scanners that could've potentially allowed attackers to intercept network traffic and stage man-in-the-middle attacks. In a report...

10CVSS7.6AI score0.00874EPSS
Exploits0
OSV
OSV
added 2018/02/16 10:29 p.m.3 views

CVE-2018-3609

A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1 management portal could allow an unauthenticated user to access sensitive information in a particular log file that could be used to bypass authentication on vulnerable installations...

8.1CVSS5.8AI score
Exploits0References4
Rows per page
Query Builder