Lucene search
K

11 matches found

EUVD
EUVD
added 6 days ago6 views

EUVD-2026-41271

A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...

4.3CVSS5.8AI score0.00212EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 4:16 p.m.8 views

CVE-2026-8480

A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41 included, 4.4.0 to 4.8.15 included , 5.0.2 EA to 5.0.5 included A revoked client certificate can still be used to authenticate to the captive‑admin portal, allowing an attacker who possesses the revoked certificate to...

4.3CVSS0.00087EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 3:27 a.m.65 views

CVE-2026-7648 LearnPress – WordPress LMS Plugin for Create and Sell Online Courses <= 4.3.5 - Authenticated (Subscriber+) Payment Bypass to Free Course Enrollment via 'quantity' Parameter

The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to payment bypass through user-controlled key in all versions up to, and including, 4.3.5. This is due to improper handling of user-supplied request parameters in the REST API endpoint, whi...

4.3CVSS0.00423EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/11/04 12:0 a.m.5 views

Xibo CMS 安全漏洞

Xibo CMS is an open source content management system from Xibo Digital Signage. A security vulnerability exists in Xibo CMS 4.3.0 and prior versions, which stems from a mishandled Twig filter in the Module Templates feature in the CMS Developer menu, which could lead to remote code execution...

7.2CVSS7.8AI score0.00884EPSS
Exploits2References6
RedhatCVE
RedhatCVE
added 2025/09/07 2:33 p.m.3 views

CVE-2025-58801

Cross-Site Request Forgery CSRF vulnerability in KCS Responder responder allows Cross Site Request Forgery.This issue affects Responder: from n/a through = 4.3.8...

5.4CVSS5.9AI score0.00127EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.5 views

WordPress plugin WP Maintenance Mode & Site Under Construction 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

4.3CVSS4.7AI score0.0014EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.6 views

Stormshield Network Security 安全漏洞

Stormshield Network Security SNS is a next-generation UTM Unified Threat Management firewall from the French company Stormshield. A security vulnerability exists in Stormshield Network Security version 4.3.x prior to 4.3.35, which stems from a multicast stream that may result in a denial of servi...

7.3CVSS6.5AI score0.0028EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/31 12:0 a.m.19 views

Moodle Security Breach

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle versions 4.3 through 4.3.3. An attacker exploited the vulnerability to perform a cross-site...

8.8CVSS6.7AI score0.00314EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/04/30 1:34 p.m.3 views

pcp: exposure of the redis server backend allows remote command execution via pmproxy

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

8.8CVSS6.9AI score0.01002EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/04/22 12:59 p.m.4 views

WordPress BizPrint plugin <= 4.3.39 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin BizPrint versions = 4.3.39...

7.5CVSS7AI score0.00423EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2023/09/30 12:0 a.m.4 views

WordPress plugin OpenHook code injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...

9.9CVSS7.6AI score0.01429EPSS
Exploits0References4
Rows per page
Query Builder