11 matches found
EUVD-2022-37142
Malicious code in bioql PyPI...
EUVD-2022-51885
Malicious code in bioql PyPI...
CVE-2022-4550
The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing...
CVE-2022-34126
The Activity plugin before 3.1.1 for GLPI allows reading local files via directory traversal in the front/cra.send.php file parameter...
CVE-2022-34126
The Activity plugin before 3.1.1 for GLPI allows reading local files via directory traversal in the front/cra.send.php file parameter...
CVE-2022-34126
The Activity plugin before 3.1.1 for GLPI allows reading local files via directory traversal in the front/cra.send.php file parameter...
CVE-2022-34126
The vulnerability CVE-2022-34126 affects the GLPI Activity plugin prior to 3.1.1. Root cause: directory traversal in the front/cra.send.php parameter allows reading local files. Impact: potential exposure of sensitive information due to unauthorized local file access. Affected component: GLPI Act...
PT-2023-13338 · Glpi · Glpi Activity Plugin
Name of the Vulnerable Software and Affected Versions: GLPI Activity plugin versions prior to 3.1.1. Description: The issue allows reading local files via directory traversal in the "front/cra.send.php" file parameter. This can potentially lead to unauthorized access to sensitive information...
GLPI Activity v3.1.0 - Authenticated Local File Inclusion on Activity plugin Vulnerability
Exploit Title: GLPI Activity v3.1.0 - Authenticated Local File Inclusion on Activity plugin Application: GLPI Activity 3.1.0 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/InfotelGLPI/activity Advisory:...
CVE-2022-4550
CVE-2022-4550 concerns the WordPress plugin “User Activity” up to version 1.0.1. The vulnerability arises because the plugin checks HTTP headers such as X-Forwarded-For to obtain the request IP address, which can allow IP spoofing. The documented impact (per NVD) indicates a high severity (CVSS v...
WordPress Wbcom Designs – Check-ins for BuddyPress Activity plugin <= 1.9.3 - Arbitrary Plugin Installation, Activation and Deactivation vulnerability
Arbitrary Plugin Installation, Activation and Deactivation vulnerability was discovered by Mary JJ Jay in WordPress Wbcom Designs – Check-ins for BuddyPress Activity plugin versions <= 1.9.3. Solution: Update the WordPress Wbcom Designs – Check-ins for BuddyPress Activity plugin to the latest...