Lucene search
K

328 matches found

EUVD
EUVD
added 2026/04/14 12:31 a.m.3 views

EUVD-2026-22134

Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open" API could have commands injected into the underlying shell. See CVE-2026-4519 for details...

7CVSS5.8AI score0.00308EPSS
Exploits0References4
OSV
OSV
added 2026/04/13 10:16 p.m.5 views

DEBIAN-CVE-2026-4786

Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open" API could have commands injected into the underlying shell. See CVE-2026-4519 for details...

7CVSS5.3AI score0.0029EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/13 9:52 p.m.6 views

CVE-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()

Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open" API could have commands injected into the underlying shell. See CVE-2026-4519 for details...

7CVSS5.9AI score0.0029EPSS
Exploits0References8
Snyk
Snyk
added 2026/04/13 9:52 p.m.9 views

Arbitrary Argument Injection

Overview Affected versions of this package are vulnerable to Arbitrary Argument Injection via the webbrowser.open function. An attacker can execute arbitrary commands by supplying a specially crafted URL containing %action that is processed by the API. Note: This issue is due to incomplete fix fo...

7.1CVSS6.7AI score0.00308EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.7 views

PT-2026-32545

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An incomplete mitigation allows for a bypass when a URL contains the string "%action". For certain browser types, this can lead to command injection into the...

7.1CVSS5.8AI score0.0029EPSS
Exploits0References216
EUVD
EUVD
added 2026/04/08 9:33 p.m.5 views

EUVD-2025-209345

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /urlrule.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, en, ips, u, time, act, rpri, and log...

6.2AI score0.00605EPSS
Exploits0References3
NVD
NVD
added 2026/04/05 9:16 p.m.6 views

CVE-2019-25687

Pegasus CMS 1.0 contains a remote code execution vulnerability in the extrafields.php plugin that allows unauthenticated attackers to execute arbitrary commands by exploiting unsafe eval functionality. Attackers can send POST requests to the submit.php endpoint with malicious PHP code in the acti...

9.8CVSS0.01416EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:19 p.m.3 views

CVE-2025-50881

The flow/admin/moniteur.php script in Use It Flow administration website before 10.0.0 is vulnerable to Remote Code Execution. When handling GET requests, the script takes user-supplied input from the action URL parameter, performs insufficient validation, and incorporates this input into a strin...

8.8CVSS6.3AI score0.0061EPSS
Exploits1References1
NVD
NVD
added 2026/03/16 9:16 p.m.3 views

CVE-2025-50881

The flow/admin/moniteur.php script in Use It Flow administration website before 10.0.0 is vulnerable to Remote Code Execution. When handling GET requests, the script takes user-supplied input from the action URL parameter, performs insufficient validation, and incorporates this input into a strin...

8.8CVSS0.0061EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/16 12:0 a.m.3 views

CVE-2025-50881

The flow/admin/moniteur.php script in Use It Flow administration website before 10.0.0 is vulnerable to Remote Code Execution. When handling GET requests, the script takes user-supplied input from the action URL parameter, performs insufficient validation, and incorporates this input into a strin...

6.2AI score0.0061EPSS
Exploits1References1
CVE
CVE
added 2026/03/16 12:0 a.m.10 views

CVE-2025-50881

CVE-2025-50881 involves the Use It Flow admin page flow/admin/moniteur.php, vulnerable before version 10.0.0. The GET parameter action is unsafely incorporated into a string and evaluated via PHP eval(), after a flawed method_exists check that only validates the portion before the first parenthes...

8.8CVSS6.2AI score0.0061EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/15 7:23 a.m.19 views

CVE-2025-14173

The Perfit WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.1. This is due to missing authorization checks on the logout function called via the actions function hooked to admininit. This makes it possible for unauthenticated...

5.3CVSS6.1AI score0.00232EPSS
Exploits0References1
NVD
NVD
added 2026/01/14 7:16 a.m.7 views

CVE-2025-14173

The Perfit WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.1. This is due to missing authorization checks on the logout function called via the actions function hooked to admininit. This makes it possible for unauthenticated...

5.3CVSS0.00232EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/14 6:40 a.m.31 views

CVE-2025-14173 Perfit WooCommerce <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Plugin Settings Deletion

The Perfit WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.1. This is due to missing authorization checks on the logout function called via the actions function hooked to admininit. This makes it possible for unauthenticated...

5.3CVSS0.00232EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/14 6:40 a.m.3 views

CVE-2025-14173 Perfit WooCommerce <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Plugin Settings Deletion

The Perfit WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.1. This is due to missing authorization checks on the logout function called via the actions function hooked to admininit. This makes it possible for unauthenticated...

5.3CVSS5.7AI score0.00232EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 11:30 a.m.12 views

CVE-2021-27961

evesys 7.1 2152 through 8.0 2202 allows Reflected XSS via the indexeva.php action parameter...

6.5CVSS6AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:18 a.m.7 views

CVE-2019-18345

A reflected XSS issue was discovered in DAViCal through 1.1.8. It echoes the action parameter without encoding. If a user visits an attacker-supplied link, the attacker can view all data the attacked user can view, as well as perform all actions in the name of the user. If the user is an...

9.3CVSS6.1AI score0.02242EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:59 a.m.5 views

CVE-2023-49909

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...

8.8CVSS8.3AI score0.01822EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.9 views

PT-2026-1732

Name of the Vulnerable Software and Affected Versions WP Page Permalink Extension versions prior to 1.5.5 Description The WP Page Permalink Extension plugin for WordPress is susceptible to a missing authorization issue. This occurs because of a lack of authorization checks within the cwpp trigger...

6.5CVSS6.1AI score0.00376EPSS
Exploits1References6
NVD
NVD
added 2026/01/07 12:16 p.m.2 views

CVE-2025-14370

The Quote Comments plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.0.0. This is due to missing authorization checks in the quotecommentsaddadmin function. This makes it possible for authenticated attackers, with Subscriber-level access and above...

4.3CVSS0.00158EPSS
Exploits0References2
Rows per page
Query Builder