Lucene search
K

10 matches found

Snyk
Snyk
added 2025/10/13 9:31 p.m.2 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the AccountEntriesAdminPortletaddressId parameter. An attacker can access address information belonging to other accounts by specifying arbitrary identifiers. Remediation Upgrade...

5.3CVSS6.7AI score0.00273EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-59034

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00483EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-22949

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.00457EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/07/30 8:40 p.m.7 views

CVE-2025-54429

Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. There are various account address types in Frontier, e.g. precompiled contracts, smart contracts, and externally owned accounts. Some EVM mechanisms should be unreachable by certain types of accounts for...

6.9CVSS7.1AI score0.00457EPSS
Exploits0References1
OSV
OSV
added 2024/01/16 4:15 p.m.4 views

CVE-2023-6824

The WP Customer Area WordPress plugin before 8.2.1 does not properly validates user capabilities in some of its AJAX actions, allowing any users to retrieve other user's account address...

6.5CVSS5.8AI score0.00483EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/01/16 3:57 p.m.18 views

CVE-2023-6824 WP Customer Area < 8.2.1 - Subscriber+ Account Address Leak

The WP Customer Area WordPress plugin before 8.2.1 does not properly validates user capabilities in some of its AJAX actions, allowing any users to retrieve other user's account address...

7AI score0.00483EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/01/16 3:57 p.m.30 views

CVE-2023-6824 WP Customer Area < 8.2.1 - Subscriber+ Account Address Leak

The WP Customer Area WordPress plugin before 8.2.1 does not properly validates user capabilities in some of its AJAX actions, allowing any users to retrieve other user's account address...

6.6AI score0.00483EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/01/16 3:56 p.m.27 views

CVE-2023-6741 WP Customer Area < 8.2.1 - Subscriber+ Account Address Update

The WP Customer Area WordPress plugin before 8.2.1 does not properly validate users capabilities in some of its AJAX actions, allowing malicious users to edit other users' account address...

4.9AI score0.00394EPSS
Exploits1References1
Code423n4
Code423n4
added 2021/11/10 12:0 a.m.8 views

_isRevocable is tied to the address and can be set by anyone

Handle pauliax Vulnerability details Impact function vest has a parameter isRevocable that is tied to the account address of beneficiary. because anyone can call vest, it allows overriding benRevocable as many times as you want. I see several potential problems with this: 1. isRevocable sets glob...

6.8AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/09/21 2:14 p.m.16 views

buyincoins.com XSS vulnerability

Vulnerable URL: http://www.buyincoins.com/?r=account/customer/AddressList Details: Description| Value ---|--- Patched:| Yes, at 30.01.2016 Latest check for patch:| 30.01.2016 22:53 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 17593 Google Pagerank| 3 VIP...

6.3AI score
Exploits0
Rows per page
Query Builder