6695 matches found
Cisco Small Business RV Series - OS Command Injection
Cisco Small Business RV Series routers RV16X/RV26X versions 1.0.01.02 and before and RV34X versions 1.0.03.20 and before contain multiple OS command injection vulnerabilities in the web-based management interface. A remote attacker can execute arbitrary OS commands via the sessionid cookie or...
Jira Server Pre-Auth - Arbitrary File Retrieval (WEB-INF, META-INF)
The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check. id: CVE-2020-29453 info: name: Jira Server Pre-Auth - Arbitrary File...
Redash Setup Configuration - Default Secrets Disclosure
Redash Setup Configuration is vulnerable to default secrets disclosure Insecure Default Initialization of Resource. If an admin sets up Redash versions =10.0 and prior without explicitly specifying the REDASHCOOKIESECRET or REDASHSECRETKEY environment variables, a default value is used for both...
DotNetNuke 07.04.00 - Administration Authentication Bypass
The installation wizard in DotNetNuke DNN before 7.4.1 allows remote attackers to reinstall the application and gain SuperUser access via a direct request to Install/InstallWizard.aspx. id: CVE-2015-2794 info: name: DotNetNuke 07.04.00 - Administration Authentication Bypass author: 0xr2r severity...
Mura CMS <10.0.580 - Authentication Bypass
Mura CMS before 10.0.580 is susceptible to authentication bypass in the Remember Me function. An attacker can bypass authentication via a crafted web request and thereby obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected...
Microsoft Exchange - Pre-Auth SSRF / ACL Bypass (ProxyNotFound)
Microsoft Exchange Server contains a remote code execution caused by improper input validation in the server component, letting remote attackers execute arbitrary code, exploit requires network access to the server. id: CVE-2021-28480 info: name: Microsoft Exchange - Pre-Auth SSRF / ACL Bypass...
Pre-Auth Takeover of Build Pipelines in GoCD
GoCD contains a critical information disclosure vulnerability whose exploitation allows unauthenticated attackers to leak configuration information including build secrets and encryption keys. id: CVE-2021-43287 info: name: Pre-Auth Takeover of Build Pipelines in GoCD author: dhiyaneshDk severity...
WordPress AI Engine Plugin - Token Exposure
Unauthenticated sensitive information exposure in AI Engine WordPress plugin = 3.1.3 exposes bearer tokens via REST API endpoints when No-Auth URL is enabled. id: CVE-2025-11749 info: name: WordPress AI Engine Plugin - Token Exposure author: 4m3rr0r severity: critical description: | Unauthenticat...
PHPIPAM <v1.5.1 - Missing Authorization
In phpIPAM 1.5.1, an unauthenticated user could download the list of high-usage IP subnets that contains sensitive information such as a subnet description, IP ranges, and usage rates via findfullsubnets.php endpoint. The bug lies in the fact that findfullsubnets.php does not verify if the user i...
Adobe ColdFusion - Access Control Bypass
There is an access control bypass vulnerability in Adobe ColdFusion versions 2023 Update 2 and below, 2021 Update 8 and below and 2018 update 18 and below, which allows a remote attacker to bypass the ColdFusion mechanisms that restrict unauthenticated external access to ColdFusion's Administrato...
WooCommerce Payments - Unauthorized Admin Access
An issue in WooCommerce Payments plugin for WordPress versions 5.6.1 and lower allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the...
Really Simple Security < 9.1.2 - Authentication Bypass
The Really Simple Security Free, Pro, and Pro Multisite plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. This is due to improper user check error handling in the two-factor REST API actions with the 'checkloginandgetuser' function. This makes it possible...
Old Age Home Management System v1.0 - SQL Injection
Old Age Home Management 1.0 is vulnerable to SQL Injection via the username parameter. id: CVE-2023-33338 info: name: Old Age Home Management System v1.0 - SQL Injection author: Harsh severity: critical description: | Old Age Home Management 1.0 is vulnerable to SQL Injection via the username...
MStore API <= 3.9.2 - Authentication Bypass
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.2. This is due to insufficient verification on the user being supplied during the add listing REST API request through the plugin. This makes it possible for unauthenticated attackers ...
POS Codekop v2.0 - Broken Authentication
A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data. id: CVE-2023-36347 info: name: POS Codekop v2.0 - Broken Authentication author: princechaddha severity: high description: | A broken authentication mechanism ...
Ultimate Member < 2.6.7 - Unauthenticated Privilege Escalation
The plugin does not prevent visitors from creating user accounts with arbitrary capabilities, effectively allowing attackers to create administrator accounts at will. This is actively being exploited in the wild. id: CVE-2023-3460 info: name: Ultimate Member 2.6.7 - Unauthenticated Privilege...
Service Finder Bookings - Authentication Bypass
Service Finder Bookings WordPress plugin = 6.0 contains a privilege escalation caused by improper validation of user cookie in servicefinderswitchback function, letting unauthenticated attackers login as any user including admins. id: CVE-2025-5947 info: name: Service Finder Bookings -...
Airflow Experimental <1.10.11 - REST API Auth Bypass
Airflow's Experimental API prior 1.10.11 allows all API requests without authentication. id: CVE-2020-13927 info: name: Airflow Experimental 1.10.11 - REST API Auth Bypass author: pdteam severity: critical description: | Airflow's Experimental API prior 1.10.11 allows all API requests without...
phpBB < 3.3.17 - Authentication Bypass
phpBB before 3.3.17 contains an authentication bypass vulnerability in the login-link feature. By setting the authprovider query parameter to "apache", an unauthenticated attacker can bypass password verification and log in as any user, including administrators. The Apache auth provider trusts th...
Adobe ColdFusion - Access Control Bypass
An attacker is able to access every CFM and CFC endpoint within the ColdFusion Administrator path /CFIDE/, of which there are 437 CFM files and 96 CFC files in a ColdFusion 2021 Update 6 install. id: CVE-2023-29298 info: name: Adobe ColdFusion - Access Control Bypass author:...