Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.14 views

PT-2026-47345

Name of the Vulnerable Software and Affected Versions STACKIT IaaS API affected versions not specified Description A missing authorization check allows authenticated, low-privileged attackers to escalate privileges to full organization compromise. By exploiting the unvalidated 'PUT servers...

9.8CVSS5.2AI score0.00302EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/12/02 12:39 a.m.8 views

Grav vulnerable to Information Disclosure via IDOR in Grav Admin Panel

Summary An IDOR Insecure Direct Object Reference vulnerability in the Grav CMS Admin Panel allows low-privilege users to access sensitive information from other accounts. Although direct account takeover is not possible, admin email addresses and other metadata can be exposed, increasing the risk...

6.5CVSS7AI score0.00258EPSS
Exploits1References4Affected Software1
Hacker One
Hacker One
added 2025/01/13 12:9 a.m.6 views

Stripo Inc: [my.stripo.email] Blind SSRF Vulnerability in Stripo App Export via Missing Endpoints Export Email Message to Zapier

A critical Blind SSRF Server-Side Request Forgery vulnerability was identified in the export service of the Stripo app. The vulnerability existed in the endpoint /exportservice/v3/exports/WEBHOOK/accounts, where malicious input could be provided in the webhookUrl parameter, triggering SSRF and...

6.9AI score
Exploits0
OSV
OSV
added 2022/05/23 12:16 p.m.5 views

CVE-2022-1816

A vulnerability, which was classified as problematic, has been found in Zoo Management System 1.0. Affected by this issue is /zoo/admin/publichtml/viewaccounts?type=zookeeper of the content module. The manipulation of the argument adminname with the input alert1 leads to an authenticated cross si...

5.4CVSS4.5AI score0.00546EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/06/25 12:0 a.m.3 views

PT-2020-14542 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version cwp-e17.0.9.8.923 Description: This issue allows remote attackers to disclose sensitive information without requiring authentication. The flaw exists in the ajax list accounts.php file, specifically when parsing the...

7.8CVSS7.5AI score0.0383EPSS
Exploits0References2
CNVD
CNVD
added 2020/04/02 12:0 a.m.3 views

Unspecified Vulnerability in Deskpro (CNVD-2020-22251)

Deskpro is a helpdesk software solution that helps companies manage communication with their customers and user base across multiple channels. A security vulnerability exists in Deskpro versions prior to 2019.8.0 that stems from the /api/emailaccounts endpoint failing to properly validate user...

7.5CVSS7AI score0.01782EPSS
Exploits1References1
OSV
OSV
added 2020/04/01 9:15 p.m.4 views

CVE-2020-11463

An issue was discovered in Deskpro before 2019.8.0. The /api/emailaccounts endpoint failed to properly validate a user's privilege, allowing an attacker to retrieve cleartext credentials of all helpdesk email accounts, including incoming and outgoing email credentials. This enables an attacker to...

7.5CVSS7.1AI score0.01782EPSS
Exploits1References3
Rows per page
Query Builder