CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

65 matches found

CVE-2022-31114

backpack/crud provides Create, Read, Update & Delete CRUD functions for Backpack, a collection of Laravel packages that help users build custom administration panels. Versions prior to 5.0.13, 4.1.69, and 4.0.63 are vulnerable to cross-site scripting. An attacker could conduct a targeted phishing...

5.1CVSS5AI score0.00047EPSS

Exploits0References1

OSV•added 3 days ago•4 views

GHSA-M8XX-3X29-84H8 backpack/crud is vulnerable to Cross-Site Scripting (XSS)

Impact It’s a “moderate” vulnerability… but being an admin panel, we take this seriously. It’s difficult… but an attacker could conduct a targeted phishing campaign, in order to trick your users or admins to click a malicious link, which under very specific circumstances could give them...

5.1CVSS5.8AI score0.00047EPSS

Exploits0References4

Github Security Blog•added 3 days ago•6 views

backpack/crud is vulnerable to Cross-Site Scripting (XSS)

Impact It’s a “moderate” vulnerability… but being an admin panel, take this seriously. It’s difficult… but an attacker could conduct a targeted phishing campaign, in order to trick your users or admins to click a malicious link, which under very specific circumstances could give them information...

5.1CVSS5.7AI score0.00047EPSS

Exploits0References4Affected Software1

NVD•added 3 days ago•6 views

CVE-2022-31114

5.1CVSS0.00047EPSS

Exploits0References1

Vulnrichment•added 3 days ago•5 views

CVE-2022-31114 backpack/crud Vulnerable to Cross-site Scripting

5.1CVSS5.4AI score0.00047EPSS

Exploits0References1

CVE•added 3 days ago•6 views

CVE-2022-31114

The CVE-2022-31114 entry concerns backpack/crud, a Laravel-related package set. Affected versions prior to 5.0.13, 4.1.69, and 4.0.63 are vulnerable to cross-site scripting. An attacker could leverage this in targeted phishing to trick users or admins into clicking a malicious link, with potentia...

5.1CVSS5.4AI score0.00047EPSS

Exploits0References1

EUVD•added 3 days ago•3 views

EUVD-2022-55999

5.1CVSS5.4AI score0.00047EPSS

Exploits0References1

ATTACKERKB•added 3 days ago•3 views

CVE-2022-31114

5.1CVSS5.4AI score0.00047EPSS

Exploits0References2Affected Software1

Cvelist•added 3 days ago•32 views

CVE-2022-31114 backpack/crud Vulnerable to Cross-site Scripting

5.1CVSS0.00047EPSS

Exploits0References1

Positive Technologies•added 3 days ago•6 views

PT-2026-46102

5.1CVSS5.7AI score0.00047EPSS

Exploits0References5

Positive Technologies•added 3 days ago•5 views

PT-2026-45950

Name of the Vulnerable Software and Affected Versions backpack/crud versions prior to 5.0.13 backpack/crud versions prior to 4.1.69 backpack/crud versions prior to 4.0.63 Description Reflected Cross-Site Scripting XSS occurs because error views output the exception message without escaping it. An...

5.1CVSS5.8AI score0.00047EPSS

Exploits0References7

RedhatCVE•added 2025/12/31 11:6 a.m.•2 views

CVE-2025-69030

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Backpack Traveler backpacktraveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Backpack Traveler: from n/a through = 2.10.3...

5.4CVSS7AI score0.00049EPSS

Exploits0References1

EUVD•added 2025/12/30 12:30 p.m.•2 views

EUVD-2025-205714

6.5AI score0.00049EPSS

Exploits0References2

OSV•added 2025/12/30 11:16 a.m.•0 views

CVE-2025-69030

5.4CVSS5.8AI score0.00049EPSS

Exploits0References1

NVD•added 2025/12/30 11:16 a.m.•2 views

CVE-2025-69030

5.4CVSS0.00049EPSS

Exploits0References1

Cvelist•added 2025/12/30 10:47 a.m.•22 views

CVE-2025-69030 WordPress Backpack Traveler theme <= 2.10.3 - Insecure Direct Object References (IDOR) vulnerability

5.4CVSS0.00049EPSS

Exploits0References1

CVE•added 2025/12/30 10:47 a.m.•6 views

CVE-2025-69030

CVE-2025-69030 affects Backpack Traveler (Mikado-Themes) WordPress plugin/theme, with an Authorization Bypass Through User-Controlled Key vulnerability reported for Backpack Traveler variants up to 2.10.3. The Initial Description notes an access-control issue enabling bypass via a user-controlled...

5.4CVSS6.6AI score0.00049EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/12/30 10:47 a.m.•1 views

CVE-2025-69030 WordPress Backpack Traveler theme <= 2.10.3 - Insecure Direct Object References (IDOR) vulnerability

5.4CVSS6.6AI score0.00049EPSS

Exploits0References1

CNNVD•added 2025/12/30 12:0 a.m.•1 views

WordPress plugin Backpack Traveler 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.4CVSS5.8AI score0.00049EPSS

Exploits0References1

Positive Technologies•added 2025/12/30 12:0 a.m.•2 views

PT-2025-53911

Name of the Vulnerable Software and Affected Versions Mikado-Themes Backpack Traveler versions through 2.10.3 Description An authorization bypass exists in Mikado-Themes Backpack Traveler due to incorrectly configured access control security levels. This allows exploitation through a...

6.6AI score0.00049EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by