Lucene search
K

6 matches found

CVE
CVE
added 7 hours ago7 views

CVE-2026-57867

CVE-2026-57867 affects MicroRealEstate before or up to 1.0.0-alpha3, due to a lack of token state management that enables adversaries to bypass authentication and brute‑force One‑Time Passwords (OTP) to log in as any user. The root cause is insufficient token state handling, leading to an auth by...

8.8CVSS6AI score
Exploits0References2
EUVD
EUVD
added 2026/03/11 12:17 a.m.4 views

EUVD-2026-10864

Parse Server has a bypass of class-level permissions in LiveQuery...

8.7CVSS5.8AI score0.00426EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/06 8:25 p.m.6 views

CVE-2026-30228

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.5 and 9.5.0-alpha.3, the readOnlyMasterKey can be used to create and delete files via the Files API POST /files/:filename, DELETE /files/:filename. This bypasses the...

6.9CVSS5.8AI score0.00329EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2025/12/16 12:56 a.m.10 views

CVE-2025-68115

Parse Server is affected by a Cross-Site Scripting (XSS) vulnerability in its password reset and email verification HTML pages due to unescaped Mustache template variables. Affected versions are prior to 8.6.1 and 9.1.0-alpha.3; the patch escapes user-controlled values in those pages and is avail...

6.1CVSS5.3AI score0.00183EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.5 views

PT-2025-51360

Name of the Vulnerable Software and Affected Versions Parse Server versions prior to 8.6.1 Parse Server versions prior to 9.1.0-alpha.3 Description Parse Server, an open source backend deployable on Node.js infrastructures, contains a Reflected Cross-Site Scripting XSS issue in its password reset...

6.1CVSS5.8AI score0.00183EPSS
Exploits0References8
CNVD
CNVD
added 2017/12/22 12:0 a.m.2 views

WordPress bSuite plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site. bSuite plugin is used in one of the plugin used to view the number of keyword searches . A cross-site scripting...

6.1CVSS6AI score0.0181EPSS
Exploits0References1
Rows per page
Query Builder