Lucene search
K

9 matches found

CVE
CVE
added 2026/05/19 12:0 a.m.12 views

CVE-2026-36829

CVE-2026-36829 affects Panabit PAP-XM320 (up to v7.7). The embedded HTTP server authenticates via a cookie-based value checked against the filesystem, using a user-controlled cookie without proper sanitization. This leads to a directory traversal scenario and authentication bypass, enabling bypas...

9.8CVSS5.8AI score0.01268EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/13 11:42 a.m.29 views

CVE-2026-32400 WordPress Boldman theme <= 7.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemetechMount Boldman boldman allows PHP Local File Inclusion.This issue affects Boldman: from n/a through = 7.7...

7.5CVSS0.00381EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.5 views

PT-2026-25246

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemetechMount Boldman boldman allows PHP Local File Inclusion.This issue affects Boldman: from n/a through = 7.7...

7.5CVSS5.8AI score0.00381EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/30 10:47 a.m.23 views

CVE-2025-68974 WordPress WordPress Social Login and Register plugin <= 7.7.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion.This issue affects WordPress Social Login and Register: from n/a through =...

6.6CVSS0.00405EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.4 views

WordPress plugin ANAC XML Bandi di Gara 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...

7.1CVSS6AI score0.00175EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/06 12:0 a.m.5 views

PT-2024-37086 · WordPress · Wpbakery Visual Composer

Name of the Vulnerable Software and Affected Versions: WPBakery Visual Composer plugin for WordPress versions up to, and including, 7.7 Description: The issue allows authenticated attackers with Author-level access and above, and with post permissions granted by an Administrator, to include and...

8.8CVSS7.7AI score0.01021EPSS
Exploits0References6
OSV
OSV
added 2021/04/01 2:2 p.m.5 views

CLSA-2021-1617285762 Fix of CVE-2021-22876

back-port urlapi from v7.75.0 used by CVE-2021-22876 - strip credentials from the auto-referer header CVE-2021-22876...

5.3CVSS6.8AI score0.05301EPSS
Exploits1References1
CNVD
CNVD
added 2016/11/04 12:0 a.m.1 views

WinaXe 'FTP client' Remote Buffer Remote Vulnerability

WinaXe is an X terminal emulation program running on Windows platform, fully compatible with X11 R6, allowing you to enjoy Unix/Linux on Windows. A remote buffer overflow vulnerability exists in WinaXe version 7.7, which can be exploited by an attacker to execute arbitrary code in the context of ...

8.1AI score
Exploits0References1
CNVD
CNVD
added 2015/02/28 12:0 a.m.4 views

Multiple Cross-Site Scripting Vulnerabilities in PNMsoft Sequence Kinetics

PNMsoft Sequence Kinetics is a next-generation business process management suite released by Israel-based PNMsoft that enables rapid establishment of high-availability workflow applications and close human collaboration on change while maintaining lifecycle governance. Multiple cross-site scripti...

4.3CVSS6.1AI score0.00931EPSS
Exploits0References1
Rows per page
Query Builder