Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.8 views

CVE-2026-42680

Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This issue affects Contest Gallery Pro: from n/a through 29.0.1...

9.8CVSS5.4AI score0.00331EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 3:16 p.m.15 views

CVE-2026-42680

Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This issue affects Contest Gallery Pro: from n/a through 29.0.1...

9.8CVSS0.00331EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 2:54 p.m.13 views

CVE-2026-42680

Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This issue affects Contest Gallery Pro: from n/a through 29.0.1...

9.8CVSS5.8AI score0.00331EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/01 2:54 p.m.16 views

EUVD-2026-33657

Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This issue affects Contest Gallery Pro: from n/a through 29.0.1...

9.8CVSS5.8AI score0.00331EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 2:54 p.m.12 views

CVE-2026-42680 WordPress Contest Gallery Pro plugin <= 29.0.1 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This issue affects Contest Gallery Pro: from n/a through 29.0.1...

9.8CVSS5.8AI score0.00331EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.19 views

PT-2026-45433

Name of the Vulnerable Software and Affected Versions Contest Gallery Pro versions prior to 29.0.1 Description Incorrect privilege assignment allows for privilege escalation within the software. Recommendations Update to a version newer than 29.0.1...

9.8CVSS5.4AI score0.00331EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/26 5:1 p.m.4 views

CVE-2026-24964

Server-Side Request Forgery SSRF vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Server Side Request Forgery.This issue affects Contest Gallery: from n/a through = 28.1.2.1...

6.4CVSS5.8AI score0.00163EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.8 views

PT-2026-27894

Name of the Vulnerable Software and Affected Versions Contest Gallery versions prior to 28.1.2.3 Description A flaw exists in Contest Gallery that allows for authentication bypass. This allows for authentication abuse by utilizing an alternate path or channel. Recommendations Update Contest Galle...

9.8CVSS5.9AI score0.00416EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.13 views

PT-2026-27860

Name of the Vulnerable Software and Affected Versions Contest Gallery versions through 28.1.2.1 Description A Server-Side Request Forgery SSRF vulnerability exists in Contest Gallery. This allows for Server Side Request Forgery. The vulnerability affects versions through 28.1.2.1. Recommendations...

6.4CVSS5.9AI score0.00163EPSS
Exploits0References4
EUVD
EUVD
added 2026/02/03 2:8 p.m.7 views

EUVD-2026-5224

Missing Authorization vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contest Gallery: from n/a through = 28.1.1...

4.3CVSS5.3AI score0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/06 6:32 p.m.4 views

EUVD-2025-38048

Cross-Site Request Forgery CSRF vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Cross Site Request Forgery.This issue affects Contest Gallery: from n/a through = 28.0.0...

4.3CVSS6.3AI score0.00114EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.8 views

PT-2025-45327

Cross-Site Request Forgery CSRF vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Cross Site Request Forgery.This issue affects Contest Gallery: from n/a through = 28.0.0...

4.3CVSS6.9AI score0.00114EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/18 11:54 a.m.6 views

CVE-2025-48291

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Stored XSS.This issue affects Contest Gallery: from n/a through = 26.0.6...

7.1CVSS5.9AI score0.00235EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/08 8:36 p.m.10 views

WordPress Contest Gallery plugin <= 26.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via id Parameter vulnerability discovered by stealthcopter in WordPress Plugin Contest Gallery versions = 26.0.6...

6.4CVSS6.3AI score0.00231EPSS
Exploits0References1Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2024/07/24 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-39631

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through = 23.1.2...

7.1CVSS5.8AI score0.0029EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/02/05 12:0 a.m.12 views

WordPress Contest Gallery Plugin <= 21.2.8.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Contest Gallery Type Plugin Vulnerable versions = 21.2.8.4 Fixed in 21.2.9 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-24887 Patch priority Low CVSS severity Low 5.4 Developer Wasiliy Strecker PSID bc8832951ec5 Credits Dhabaleshwar D...

8.8CVSS6.6AI score0.00208EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder