Lucene search
K

2737 matches found

Nuclei
Nuclei
added 18 hours ago7 views

Payara Server - Cross-Site Scripting

Payara Server versions 4.1.2.191.54, 5.83.0, 6.34.0, and 7.2026.1 contain a stored XSS vulnerability caused by improper input sanitization in the REST Management Interface. This allows attackers to mislead administrators into changing the admin password via a URL payload; however, the exploit...

9.3CVSS6.1AI score0.01002EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added yesterday8 views

PT-2026-57524

Name of the Vulnerable Software and Affected Versions H3C NX15 version V100R017 Description A flaw exists in the Administrator Password Modification Endpoint within the change passwd function of the '/api/login/modify' endpoint. Remote manipulation of the newPass argument can lead to weak passwor...

7.5CVSS7AI score0.00278EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2 days ago10 views

PT-2026-57416

Name of the Vulnerable Software and Affected Versions The Essential Addons for Elementor versions prior to 6.6.11 Description Insufficient server-side validation of a Login/Register widget setting allows authenticated attackers with Contributor-level access or higher to perform Email Header...

8.8CVSS6.1AI score0.00367EPSS
Exploits0References12
NVD
NVD
added 4 days ago5 views

CVE-2026-55208

Pimcore Studio Backend Bundle is the backend bundle for Pimcore Studio. Prior to 2025.4.6 and 2026.1.6, an authenticated user can extract the admin password hash and other database content through time-based blind SQL injection in the DateFilter column key parameter. The POST...

7.7CVSS0.00249EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-55208

Pimcore Studio Backend Bundle is the backend bundle for Pimcore Studio. Prior to 2025.4.6 and 2026.1.6, an authenticated user can extract the admin password hash and other database content through time-based blind SQL injection in the DateFilter column key parameter. The POST...

7.7CVSS6.1AI score0.00249EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-55208 Pimcore: SQL Injection via Column Name in DateFilter allows authenticated user to extract arbitrary database data including admin password hashes

Pimcore Studio Backend Bundle is the backend bundle for Pimcore Studio. Prior to 2025.4.6 and 2026.1.6, an authenticated user can extract the admin password hash and other database content through time-based blind SQL injection in the DateFilter column key parameter. The POST...

7.7CVSS0.00249EPSS
Exploits0References5
CVE
CVE
added 4 days ago9 views

CVE-2026-55208

Pimcore Studio Backend Bundle vulnerability (CVE-2026-55208): An authenticated user can exploit a time-based blind SQL injection in the DateFilter column key parameter. The POST /pimcore-studio/api/website-settings endpoint and other listing endpoints accept a columnFilters array where the key fi...

7.7CVSS6.1AI score0.00249EPSS
Exploits0References5
OSV
OSV
added 2026/07/06 8:3 a.m.5 views

PYSEC-2026-925 sosreport Exposure of Sensitive Information vulnerability

It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el86, ovirt-log-collector-4.4.7-2.el8ev...

5.5CVSS5.9AI score0.00233EPSS
Exploits0References6
CVE
CVE
added 2026/07/04 7:15 p.m.19 views

CVE-2026-14648

The CVE details a SQL injection in code-projects Online Voting System (versions up to 0.x/1.0) via the Login component, affecting the function test_input in /authentication.php. By manipulating adminUserName/adminPassword arguments, an attacker can exploit the vulnerability remotely. The exploit ...

7.5CVSS6.8AI score0.00347EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/02 5:5 p.m.10 views

EUVD-2024-55647

Landray OA contains an unauthenticated HQL injection vulnerability that allows unauthenticated attackers to query arbitrary Hibernate entity classes by injecting malicious HQL syntax into the uid POST parameter of the wechatLoginHelper.do endpoint. Attackers can exploit the lack of input...

8.7CVSS6.2AI score0.00564EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/02 5:5 p.m.39 views

CVE-2024-58352 Landray OA Unauthenticated HQL Injection via wechatLoginHelper.do

Landray OA contains an unauthenticated HQL injection vulnerability that allows unauthenticated attackers to query arbitrary Hibernate entity classes by injecting malicious HQL syntax into the uid POST parameter of the wechatLoginHelper.do endpoint. Attackers can exploit the lack of input...

8.7CVSS0.00564EPSS
Exploits0References4
OSV
OSV
added 2026/07/02 2:13 p.m.5 views

PYSEC-2026-660 Cross Site Request Forgery in mailman

In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request using that token to set a new admin password or make other changes...

8.8CVSS6.9AI score0.0073EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/01 3:33 a.m.7 views

EUVD-2026-40885

UltraVNC repeater through 1.8.2.2 initializes the HTTP administration server with a hardcoded default password. In repeater/webgui/settings.c:197, when settings2.txt is absent on first run the repeater writes the literal string "adminadmi2" as the admin password via strcpyssavedpassword, 64,...

9.1CVSS5.8AI score0.00374EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/01 3:33 a.m.40 views

CVE-2026-7839 UltraVNC repeater ships hardcoded default admin password allowing unauthenticated admin access

UltraVNC repeater through 1.8.2.2 initializes the HTTP administration server with a hardcoded default password. In repeater/webgui/settings.c:197, when settings2.txt is absent on first run the repeater writes the literal string "adminadmi2" as the admin password via strcpyssavedpassword, 64,...

9.1CVSS0.00374EPSS
Exploits0References3
CVE
CVE
added 2026/06/26 8:50 p.m.15 views

CVE-2026-55069

Kestra OSS (BasicAuth) stores administrator password with SHA-512; if an attacker gains read access to PostgreSQL, offline brute-force can recover the password. In Kubernetes, cracked credentials may enable reading ServiceAccount Tokens and all K8s Secrets, enabling vertical privilege escalation....

8.7CVSS5.8AI score0.00158EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2026/06/24 9:16 p.m.9 views

CVE-2026-32315

motionEye mEye is an online interface for motion software, a video surveillance program with motion detection. Versions prior to 0.44.0 create the configuration file /etc/motioneye/motion.conf with 644 permissions -rw-r--r--, making it readable by any local user on the system. This file contains...

5.5CVSS0.02902EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 8:45 p.m.13 views

CVE-2026-32315

motionEye prior to 0.44.0 creates /etc/motioneye/motion.conf with 644 permissions (-rw-r--r--) and per-camera camera-.conf with identical permissions, making the admin password hash and camera credentials readable by any local user. The SHA1 admin password hash can be cracked offline to plaintext...

5.5CVSS5.8AI score0.02902EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 8:45 p.m.17 views

CVE-2026-32315 motionEye: World-Readable Configuration File Exposes Admin Password Hash

motionEye mEye is an online interface for motion software, a video surveillance program with motion detection. Versions prior to 0.44.0 create the configuration file /etc/motioneye/motion.conf with 644 permissions -rw-r--r--, making it readable by any local user on the system. This file contains...

5.5CVSS0.02902EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 8:45 p.m.3 views

CVE-2026-32315 motionEye: World-Readable Configuration File Exposes Admin Password Hash

motionEye mEye is an online interface for motion software, a video surveillance program with motion detection. Versions prior to 0.44.0 create the configuration file /etc/motioneye/motion.conf with 644 permissions -rw-r--r--, making it readable by any local user on the system. This file contains...

5.5CVSS5.8AI score0.02902EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.13 views

PT-2026-52103

Name of the Vulnerable Software and Affected Versions Appsmith versions prior to 2.1 Description The bundled supervisord exposes an XML-RPC interface on port 9001, which is accessible from outside the container through a Caddy reverse-proxy route at the '/supervisor/' endpoint. An authenticated...

8.9CVSS6AI score0.00271EPSS
Exploits1References4
Rows per page
Query Builder