Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVDadded 2024/02/12 4:15 p.m.15 views

CVE-2023-6036

The Web3 WordPress plugin before 3.0.0 is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handleauthrequest' and 'hadleloginrequest'. This makes it possible for non authenticated attackers to log in as any existing user on the site,...

9.8CVSS6.4AI score0.56304EPSS
Exploits3References1
NVD
NVDadded 2023/06/30 2:15 a.m.9 views

CVE-2023-3249

The Web3 – Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.6.0. This is due to incorrect authentication checking in the 'hiddenformdata' function. This makes it possible for authenticated attackers to log in as...

9.8CVSS9.5AI score0.00174EPSS
Exploits0References3
Prion
Prionadded 2023/06/30 2:15 a.m.20 views

Authentication flaw

The Web3 – Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.6.0. This is due to incorrect authentication checking in the 'hiddenformdata' function. This makes it possible for authenticated attackers to log in as...

7.5CVSS9.3AI score0.00174EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2019/07/17 2:15 p.m.8 views

CVE-2019-1010084

Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect Access Control. The impact is: Potential for unathorised access to data. The component is: Incorrect calls to ensureauth wrapper result in authentication-checking not being applied to al routes...

6.5CVSS6.5AI score0.00238EPSS
Exploits0References1
Packet Storm
Packet Stormadded 2016/09/28 12:0 a.m.37 views

FreePBX Remote Command Execution

Title : Freepbx =begin Freepbx 13.x are vulnerable to Remote command execution due to the insuffecient sanitization of the user input fields language,destination and also due to the lack of good authentication checking Technical details Vulnerable file :...

0.1AI score
Exploits0
exploitpack
exploitpackadded 2016/09/27 12:0 a.m.26 views

FreePBX 13.0.188 - Remote Command Execution (Metasploit)

FreePBX 13.0.188 - Remote Command Execution Metasploit Title : Freepbx =begin Freepbx 13.x are vulnerable to Remote command execution due to the insuffecient sanitization of the user input fields language,destination and also due to the lack of good authentication checking Technical details...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2013/03/28 12:0 a.m.57 views

Novell ZENworks Control Center File Upload Remote Code Execution

The installed version of Novell ZENworks Control Center has a flaw with authentication checking on '/zenworks/jsp/index.jsp' that can allow a remote, unauthenticated attacker to upload arbitrary files and execute them with SYSTEM privileges. C Tenable Network Security, Inc. include"compat.inc"; i...

10CVSS5.6AI score0.72916EPSS
Exploits10References3
Rows per page
Query Builder