Lucene search
K

8 matches found

EUVD
EUVD
added 2026/06/26 1:27 a.m.10 views

EUVD-2026-39615

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via the 'after' parameter in all versions up to, and including, 4.5.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

6.5CVSS6AI score0.00281EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/04/20 11:19 p.m.4 views

CVE-2026-35587

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, a Server-Side Request Forgery SSRF vulnerability exists in the Glances IP plugin due to improper validation of the publicapi configuration parameter. The value of publicapi is used directly in outbound HTTP...

8.8CVSS5.7AI score0.00396EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/11/20 9:36 p.m.7 views

CVE-2025-65032

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an Insecure Direct Object Reference IDOR vulnerability allows any authenticated user to change the display names of other participants in polls without being an admin or the poll owner. By manipulating the...

6.5CVSS6.7AI score0.00224EPSS
Exploits1References1
NVD
NVD
added 2025/11/19 6:15 p.m.14 views

CVE-2025-65033

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an authorization flaw in the poll management feature allows any authenticated user to pause or resume any poll, regardless of ownership. The system only uses the public pollId to identify polls, and it does not...

8.1CVSS0.00289EPSS
Exploits1References2
EUVD
EUVD
added 2025/11/19 5:26 p.m.7 views

EUVD-2025-198232

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an authorization flaw in the poll management feature allows any authenticated user to pause or resume any poll, regardless of ownership. The system only uses the public pollId to identify polls, and it does not...

8.1CVSS6.1AI score0.00289EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.3 views

IrfanView 缓冲区错误漏洞

IrfanView is an image viewer by the individual developer Irfan Skiljan from Bosnia and Herzegovina, which supports image browsing, image editing, image format conversion and more. A security vulnerability exists in IrfanView version 4.54, which stems from a user-mode write access conflict issue i...

7.8CVSS7.3AI score0.00322EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.4 views

IrfanView 缓冲区错误漏洞

IrfanView is an image viewer by the individual developer Irfan Skiljan from Bosnia and Herzegovina, which supports image browsing, image editing, image format conversion and more. A security vulnerability exists in IrfanView version 4.54, which stems from a user-mode write access conflict issue i...

7.8CVSS7.3AI score0.00317EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/06/24 12:0 a.m.3 views

IBOS 代码问题漏洞

IBOS is a collaborative office management system. A command injection vulnerability exists in ibos IBOS, which stems from a command injection vulnerability in database backup in IBOS 4.5.4 Open version. An attacker can exploit this vulnerability to gain server control privileges...

9.8CVSS5.7AI score0.01118EPSS
Exploits1References1
Rows per page
Query Builder