Lucene search
K

9842 matches found

Cvelist
Cvelist
added 1 hour ago2 views

CVE-2026-56841

A malicious actor with access to the network and low privileges could exploit an authenticated SQL Injection vulnerability found in UniFi Protect Application to escalate privileges on the host device...

8.8CVSS
Exploits0References1
NVD
NVD
added 5 hours ago6 views

CVE-2026-14029

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via the 'select' parameter in all versions up to, and including, 4.5.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

6.5CVSS
Exploits0References10
Nuclei
Nuclei
added 6 hours ago20 views

NocoBase - SQL Injection

NocoBase @nocobase/plugin-collection-sql versions prior to 2.0.39 are vulnerable to SQL injection via the sqlCollection:update endpoint. The checkSQL function, which blocks dangerous SQL keywords and ensures only SELECT statements are allowed, is not called during collection updates. id:...

7.2CVSS5.8AI score0.01833EPSS
Exploits1References2
Nuclei
Nuclei
added 6 hours ago12 views

Tandoor Recipes < 1.5.24 - Jinja2 SSTI RCE

Tandoor Recipes 1.5.24 has a Jinja2 SSTI vulnerability that allows command execution via recipe steps. id: CVE-2025-23211 info: name: Tandoor Recipes 1.5.24 - Jinja2 SSTI RCE author: sammiee5311 severity: critical description: | Tandoor Recipes 1.5.24 has a Jinja2 SSTI vulnerability that allows...

9.9CVSS5.9AI score0.03464EPSS
Exploits1References4
Nuclei
Nuclei
added 6 hours ago12 views

AstrBot <= 4.22.1 - Command Injection

AstrBot versions up to and including 4.22.1 contain a command injection vulnerability in the MCP server configuration endpoint. The /api/tools/mcp/add endpoint accepts arbitrary command and args fields that are passed directly to subprocess execution during the connection test, without any...

6.5CVSS7AI score0.02304EPSS
Exploits0References2
Nuclei
Nuclei
added 6 hours ago18 views

BEWARD N100 H.264 VGA IP Camera M2.1.6 - Arbitrary File Disclosure

Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability caused by improper validation of the 'READ.filePath' parameter in fileread script and SendCGICMD API, letting authenticated attackers read arbitrary system files. id: CVE-2019-25246 info: name: BEWARD...

8.8CVSS5.9AI score0.17393EPSS
Exploits1References3
Nuclei
Nuclei
added 6 hours ago109 views

reNgine 2.2.0 - Command Injection

reNgine before 2.1.2 allows OS Command Injection if an adversary has a valid session ID. The attack places shell metacharacters in an api/tools/wafdetector/?url= string. The commands are executed as root via subprocess.checkoutput. id: CVE-2023-50094 info: name: reNgine 2.2.0 - Command Injection...

8.8CVSS7.3AI score0.1354EPSS
Exploits2References3
Nuclei
Nuclei
added 6 hours ago10 views

Tutor LMS <= 2.1.10 - SQL Injection

Tutor LMS – eLearning and online course solution plugin for WordPress all versions up to 2.6.1 contains a time-based SQL Injection caused by insufficient escaping on the questionid parameter in SQL queries, letting authenticated attackers with subscriber or higher access extract sensitive...

8.8CVSS7.6AI score0.03135EPSS
Exploits0References3
Nuclei
Nuclei
added 6 hours ago13 views

Group-Office < 26.0.5 - Remote Code Execution

Group-Office before versions 6.8.150, 25.0.82, and 26.0.5 is vulnerable to remote code execution via OS command injection. The endpoint email/message/tnefAttachmentFromTempFile directly concatenates the user-controlled parameter tmpfile into an exec call. By injecting shell metacharacters into...

9.4CVSS6.7AI score0.18536EPSS
Exploits2References4
Nuclei
Nuclei
added 6 hours ago22 views

Frappe Framework < 16.15.0 - Arbitrary File Read via render_include Path Traversal

Frappe is a full-stack web application framework. Versions prior to 15.105.0 and 16.15.0 contain a possible Arbitrary File Read vulnerability via Path Traversal. The issue is resolved in versions 16.15.0, 15.105.0 and above. id: CVE-2026-39352 info: name: Frappe Framework 16.15.0 - Arbitrary File...

8.7CVSS5.8AI score0.01279EPSS
Exploits0References4
Nuclei
Nuclei
added 6 hours ago26 views

TP-Link TL-WR840N - Command Injection

The TP-Link TL-WR840NESV6.20180709 router contains a command injection vulnerability in the oalsetIp6DefaultRoute component. This vulnerability allows authenticated attackers to execute arbitrary system commands, leading to complete device compromise. id: CVE-2022-25061 info: name: TP-Link...

9.8CVSS7.2AI score0.72495EPSS
Exploits1References5
Nuclei
Nuclei
added 6 hours ago15 views

User Profile Picture < 2.5.0 - Sensitive Information Disclosure

The REST API endpoint getusers in the User Profile Picture WordPress plugin before 2.5.0 returned more information than was required for its functionality to users with the uploadfiles capability. This included password hashes, hashed user activation keys, usernames, emails, and other less...

7.5CVSS7.1AI score0.04788EPSS
Exploits2References3
Nuclei
Nuclei
added 6 hours ago27 views

phpMyAdmin < 5.0.3 - SQL Injection

phpMyAdmin before 4.9.6 and 5.x before 5.0.3 contains a SQL injection caused by improper processing of SQL statements in the search feature, letting attackers inject malicious SQL, exploit requires crafted search input. id: CVE-2020-26935 info: name: phpMyAdmin 5.0.3 - SQL Injection author: 0xAko...

9.8CVSS7.3AI score0.67081EPSS
Exploits1References3
Nuclei
Nuclei
added 6 hours ago19 views

Responsive Pricing Table <= 5.1.12 - Cross-Site Scripting

The Responsive Pricing Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'planicons' parameter in all versions up to, and including, 5.1.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-lev...

6.4CVSS5.9AI score0.00598EPSS
Exploits0References3
Nuclei
Nuclei
added 6 hours ago9 views

WP Projects Portfolio <= 3.0 - Cross-Site Scripting

WP Projects Portfolio with Client Testimonials WordPress plugin = 3.0 contains a reflected cross-site scripting caused by unsanitized parameter output, letting attackers execute scripts in the context of high privilege users, exploit requires attacker to craft a malicious URL. id: CVE-2024-13114...

6.1CVSS7.2AI score0.00561EPSS
Exploits1References2
Nuclei
Nuclei
added 6 hours ago13 views

Images to WebP < 1.9 - Authenticated Local File Inclusion

The Images to WebP WordPress plugin before version 1.9 did not validate or sanitize the tab parameter before using it in the include function. id: CVE-2021-24644 info: name: Images to WebP 1.9 - Authenticated Local File Inclusion author: Sourabh-Sahu severity: high description: | The Images to We...

7.5CVSS7.1AI score0.05028EPSS
Exploits2References2
CVE
CVE
added 7 hours ago6 views

CVE-2026-14029

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via the 'select' parameter in all versions up to, and including, 4.5.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

6.5CVSS5.8AI score
Exploits0References10
Cvelist
Cvelist
added 7 hours ago6 views

CVE-2026-12134 JoomSport <= 5.7.8 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Group Creation/Modification via season_groupedit AJAX action

The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.7.8. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS
Exploits0References8
Cvelist
Cvelist
added 8 hours ago7 views

CVE-2026-8147 Authorization Bypass in mlflow/mlflow

In MLflow versions prior to 3.14.0, when running with authentication enabled, the trace API endpoints lack proper authorization validators. This allows any authenticated user to bypass experiment-level authorization controls on all trace operations, including reading, deleting, and modifying trac...

8.1CVSS
Exploits0References2
Cvelist
Cvelist
added 10 hours ago10 views

CVE-2026-13704 GiveWP <= 4.16.1 - Authenticated (Give Worker+) Stored Cross-Site Scripting via Sequioa Form

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sequoiaintroductionimage' parameter in all versions up to, and including, 4.16.1 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS
Exploits0References9
Rows per page
Query Builder