Lucene search
K

292 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-29063

Malicious code in bioql PyPI...

10CVSS9.5AI score0.02433EPSS
Exploits3References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-2588

Malicious code in bioql PyPI...

3.8CVSS4.3AI score0.00366EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-29898

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00713EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:18 a.m.8 views

CVE-2024-10216

The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'addsidebar' and 'removesidebar' functions in all versions up to, and including, 2.9.11. This makes it possible for authenticate...

4.3CVSS6.5AI score0.00429EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:17 a.m.5 views

CVE-2024-10537

The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the validateusermetakey function in all versions up to, and including, 2.9.11. This makes it possible for authenticated attackers, with...

4.3CVSS5.1AI score0.00366EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:57 a.m.17 views

CVE-2024-43336

Cross-Site Request Forgery CSRF vulnerability in WP User Manager WP User Manager wp-user-manager.This issue affects WP User Manager: from n/a through = 2.9.10...

4.3CVSS5.9AI score0.00174EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:7 a.m.9 views

CVE-2023-5159

Mattermost fails to properly verify the permissions when managing/updating a bot allowing a User Manager role with user edit permissions to manage/update bots...

3.8CVSS6.7AI score0.00366EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:36 p.m.9 views

CVE-2022-20449

In writeApplicationRestrictionsLAr of UserManagerService.java, there is a possible overwrite of system files due to a path traversal error. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

4.4CVSS5.9AI score0.00146EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:31 a.m.13 views

CVE-2019-7544

An issue was discovered in MyWebSQL 3.7. The Add User function of the User Manager pages has a Stored Cross-site Scripting XSS vulnerability in the User Name Field...

5.4CVSS5.8AI score0.00667EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:44 a.m.10 views

CVE-2012-5931

Directory traversal vulnerability in the setlogconfig function in regclnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote authenticated users to create or overwrite arbitrary files via directory traversal sequences in a log pathname...

5.5CVSS6.7AI score0.07278EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:44 a.m.7 views

CVE-2012-5930

The pamodifyaccounts function in auth.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 does not require authentication for the modifyAccounts method, which allows remote attackers to change the passwords of administrative accounts via a crafted application/x-amf request...

6.4CVSS7.1AI score0.07374EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:44 a.m.9 views

CVE-2012-5932

Eval injection vulnerability in the ldapagnteval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote attackers to execute arbitrary Perl code via a crafted application/x-amf request...

10CVSS7.9AI score0.6275EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/21 7:59 p.m.6 views

CVE-2006-6583

ScriptMate User Manager 2.1 and earlier allow remote attackers to obtain sensitive information via unspecified vectors related to 1 the Logins box and 2 the Search box...

7.5CVSS6.6AI score0.01279EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/05/19 6:49 a.m.4 views

WordPress WP User Manager plugin <= 2.9.12 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Nguyen Ngoc Quang Bach maysbachs in WordPress Plugin WP User Manager versions = 2.9.12...

9.8CVSS7.3AI score0.00476EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/05/05 12:0 a.m.5 views

One 安全漏洞

One is a front-end and back-end separated backend management system based on Spring Boot and Vue2 developed by lcw2004 individual developer. A security vulnerability exists in One v1.0, which stems from improper access control of component/api/user/manager, which may result in accessing sensitive...

7.5CVSS6.7AI score0.00309EPSS
Exploits1References2
OSV
OSV
added 2025/05/05 12:0 a.m.4 views

CVE-2025-45614

Incorrect access control in the component /api/user/manager of One v1.0 allows attackers to access sensitive information via a crafted payload...

7.5CVSS6.6AI score0.00309EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/02/09 12:26 a.m.5 views

CVE-2024-57279

A reflected Cross-Site Scripting XSS vulnerability has been identified in the LDAP User Manager = ce92321, specifically in the /setup/index.php endpoint via the returnto parameter. This vulnerability arises due to improper sanitization of user-supplied input, allowing an attacker to inject...

5.4CVSS5.6AI score0.0021EPSS
Exploits0References1
OSV
OSV
added 2025/02/07 10:15 p.m.4 views

CVE-2024-57279

A reflected Cross-Site Scripting XSS vulnerability has been identified in the LDAP User Manager = ce92321, specifically in the /setup/index.php endpoint via the returnto parameter. This vulnerability arises due to improper sanitization of user-supplied input, allowing an attacker to inject...

5.4CVSS5.7AI score0.0021EPSS
Exploits0References1
NVD
NVD
added 2025/02/07 10:15 p.m.19 views

CVE-2024-57279

A reflected Cross-Site Scripting XSS vulnerability has been identified in the LDAP User Manager = ce92321, specifically in the /setup/index.php endpoint via the returnto parameter. This vulnerability arises due to improper sanitization of user-supplied input, allowing an attacker to inject...

5.4CVSS0.0021EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/07 12:0 a.m.4 views

CVE-2024-57279

A reflected Cross-Site Scripting XSS vulnerability has been identified in the LDAP User Manager = ce92321, specifically in the /setup/index.php endpoint via the returnto parameter. This vulnerability arises due to improper sanitization of user-supplied input, allowing an attacker to inject...

5.7AI score0.0021EPSS
Exploits0References1
Rows per page
Query Builder