Lucene search
+L

2439 matches found

Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.25 views

PT-2026-48368

Name of the Vulnerable Software and Affected Versions QTS versions prior to 5.2.9.3492 build 20260507 QuTS hero versions prior to h5.2.9.3499 build 20260514 Description A command injection issue allows a remote attacker with administrator account access to execute arbitrary commands on the system...

8.6CVSS6.1AI score0.00977EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.17 views

PT-2026-48359

Name of the Vulnerable Software and Affected Versions License Center versions prior to 1.9.56 Description A path traversal issue allows a local attacker with administrator account privileges to read the contents of unexpected files or system data. Path traversal is a technique where an attacker...

6.9CVSS5.2AI score0.00259EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/09 6:30 p.m.15 views

EUVD-2026-35441

An Authentication Bypass vulnerability CWE-288 in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access...

10CVSS5.6AI score0.99041EPSS
Exploits6References2
NVD
NVD
added 2026/06/09 11:16 a.m.17 views

CVE-2026-47346

Backend users with file write permissions were able to upload form definition files with mixed-case extensions e.g., .FORM.YAML to bypass the Form Framework's upload restriction. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing attackers to...

7.6CVSS0.00253EPSS
Exploits0References3
CVE
CVE
added 2026/06/09 10:50 a.m.83 views

CVE-2026-47346

Summary: CVE-2026-47346 affects TYPO3 CMS prior to certain patch versions, where backend users with file write perms can upload form definition files with mixed-case extensions (e.g., .FORM.YAML) to bypass upload restrictions. This can be exploited to execute arbitrary SQL statements and escalate...

7.6CVSS6AI score0.00253EPSS
Exploits0References3
OSV
OSV
added 2026/06/09 10:50 a.m.4 views

CVE-2026-47346 TYPO3 CMS - Broken Access Control in Form Framework

Backend users with file write permissions were able to upload form definition files with mixed-case extensions e.g., .FORM.YAML to bypass the Form Framework's upload restriction. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing attackers to...

7.6CVSS6.2AI score0.00253EPSS
Exploits0References7
OSV
OSV
added 2026/06/09 10:48 a.m.4 views

CVE-2026-11607 TYPO3 CMS - Broken Access Control in Form Framework

Backend users with access to the Form Framework were able to use files not ending in .form.yaml as form definitions, which were processed without denying the incorrect file extension. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing attackers to...

7.6CVSS6.3AI score0.00238EPSS
Exploits0References7
GithubExploit
GithubExploit
added 2026/06/08 12:55 p.m.105 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Strapi

CVE-2026-27886 Automated Exploit - Usage Guide What This S...

9.2CVSS5.5AI score0.00612EPSS
Exploits5
CVE
CVE
added 2026/06/08 12:15 p.m.27 views

CVE-2026-11513

The vulnerability CVE-2026-11513 affects itsourcecode Hospital Management System 1.0. The issue is an SQL injection in an unknown function of /adminaccount.php triggered by manipulating the Date argument. It can be exploited remotely and an exploit is public. CVSS data is provided (v3.1/3.0/2.0 v...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.10 views

CVE-2026-36959

U-SPEED N300 router V1.0.0 does not implement rate limiting or account lockout protections on the /api/login endpoint. This allows an attacker on the local network to perform unlimited authentication attempts, enabling brute-force attacks against the administrator account and potential unauthoriz...

7.5CVSS5.5AI score0.00349EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.18 views

CVE-2026-32699

FacturaScripts is an open source accounting and invoicing software. In versions 2025.92 and earlier, the application fails to validate the nick parameter during a POST request to the EditUser controller. Although the user interface prevents editing this field, a user can bypass this restriction b...

5.3CVSS5.3AI score0.0033EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.11 views

CVE-2026-6602

A vulnerability was found in rickxy Hospital Management System up to 88a4290d957dc5bdde8a56e5ad451ad14f7f90f4. Affected is an unknown function of the file /backend/admin/hisadminaccount.php. The manipulation of the argument addpic results in unrestricted upload. The attack can be executed remotel...

7.5CVSS6.8AI score0.00376EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/05 7:29 p.m.10 views

CVE-2026-25622

A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW. On affected platforms, an administrative account logged into the user interface can exploit this input handling behavior to execute arbitrary platform...

7CVSS5.8AI score0.0988EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.14 views

CVE-2026-7802

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.29.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

8.8CVSS5.6AI score0.00402EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.11 views

CVE-2026-9018

The Easy Elements for Elementor – Addons & Website Templates plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.4.5 via the easyelhandleregister function. This is due to the wpajaxnopriveelregister AJAX handler iterating the attacker-controlled...

8.8CVSS5.4AI score0.00541EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:15 p.m.11 views

CVE-2026-42844

Grav is a file-based Web platform. In Grav 2.0.0-beta.2, a low-privileged authenticated API user with api.media.write can abuse /api/v1/blueprint-upload to write an arbitrary YAML file into user/accounts/, then log in as the newly created account with api.super privileges. This results in full...

8.8CVSS5.6AI score0.00336EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.14 views

CVE-2026-8809

The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Privilege Escalation via Validation Bypass in all versions up to and including 0.9.2.5. The vulnerability exists due to the aftervalidatesavepost function unconditionally trusting the attacker-controlled acfpostid POST...

9.8CVSS5.5AI score0.008EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.20 views

PT-2026-47033

Name of the Vulnerable Software and Affected Versions WP Captcha PRO versions prior to 5.39 Description An authentication bypass exists due to the ajax run tool AJAX handler relying only on a nonce check via check ajax referer without performing capability checks. This is combined with the create...

8.8CVSS5.7AI score0.00393EPSS
Exploits1References8
Github Security Blog
Github Security Blog
added 2026/06/04 7:27 p.m.14 views

Shopware: Admin Account Takeover via User Recovery Hash Exposure

Summary A low-privilege admin user with userrecovery:read ACL can take over any admin account. The attacker triggers password recovery for the victim unauthenticated endpoint, reads the recovery hash from the Admin API search endpoint, then uses the hash to reset the victim's password another...

6.8CVSS5.8AI score0.00272EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2026/06/04 7:27 p.m.11 views

GHSA-8V9P-G828-V98F Shopware: Admin Account Takeover via User Recovery Hash Exposure

Summary A low-privilege admin user with userrecovery:read ACL can take over any admin account. The attacker triggers password recovery for the victim unauthenticated endpoint, reads the recovery hash from the Admin API search endpoint, then uses the hash to reset the victim's password another...

6.8CVSS5.8AI score0.00272EPSS
Exploits0References4
Rows per page
Query Builder