Lucene search
K

9 matches found

NVD
NVD
added yesterday3 views

CVE-2026-57739

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Blind SQL Injection.This issue affects AcyMailing SMTP Newsletter: from n/a through = 10.11.0...

9.3CVSS0.004EPSS
Exploits0References1
CVE
CVE
added yesterday10 views

CVE-2026-57741

CVE-2026-57741 is a stored XSS vulnerability in the WordPress plugin “AcyMailing SMTP Newsletter” (AcyMailing) up to version 10.11.0. Affected component is the plugin’s web-facing input handling that allows improper neutralization of input during web page generation. The issue permits stored cros...

7.1CVSS6.1AI score0.00251EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday11 views

CVE-2026-57739 WordPress AcyMailing SMTP Newsletter plugin <= 10.11.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Blind SQL Injection.This issue affects AcyMailing SMTP Newsletter: from n/a through = 10.11.0...

9.3CVSS0.004EPSS
Exploits0References1
CVE
CVE
added yesterday11 views

CVE-2026-57739

CVE-2026-57739 affects the WordPress WordPress Plugin AcyMailing SMTP Newsletter (versions up to and including 10.11.0). The vulnerability is an SQL Injection caused by improper neutralization of special elements in an SQL command, allowing blind SQL injection. According to the provided metrics, ...

9.3CVSS6.1AI score0.004EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:6 a.m.6 views

CVE-2024-34708

Directus is a real-time API and App dashboard for managing SQL database content. A user with permission to view any collection using redacted hashed fields can get access the raw stored version using the alias functionality on the API. Normally, these redacted fields will return however if we...

4.9CVSS7AI score0.00757EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-1618

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.0045EPSS
Exploits1References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/17 5:24 p.m.6 views

Malicious code in commonweb-setup (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0c019e3086bf1cec9b859c8fe048187fc7cf6dc866de93fbd0ff2182b3e4fc0a The OpenSSF Package Analysis project identified 'commonweb-setup' @ 10.11.0 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSV
OSV
added 2025/08/14 9:30 a.m.4 views

MAL-2025-6872 Malicious code in search-result (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6ddb1c5d5505a20da7fa64201ed64cc4b487447debb5dfac4a7d1398b93bcb1a The OpenSSF Package Analysis project identified 'search-result' @ 10.11.0 npm as malicious. It is considered malicious because: - The package...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/05/13 12:0 a.m.4 views

PT-2024-26123 · Directus · Directus

Name of the Vulnerable Software and Affected Versions: Directus versions prior to 10.11.0 Description: The issue concerns session tokens that do not get properly invalidated when a user logs out. Specifically, the directus session is destroyed, and the cookie is deleted, but if the cookie value i...

5.4CVSS7.1AI score0.0045EPSS
Exploits1References7
Rows per page
Query Builder