Lucene search
K

8 matches found

NVD
NVD
added 2026/03/26 9:17 p.m.5 views

CVE-2026-3528

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Calculation Fields allows Cross-Site Scripting XSS.This issue affects Calculation Fields: from 0.0.0 before 1.0.4...

6.1CVSS0.00243EPSS
Exploits0References1
NVD
NVD
added 2026/02/04 9:15 p.m.6 views

CVE-2026-1553

Incorrect Authorization vulnerability in Drupal Drupal Canvas allows Forceful Browsing.This issue affects Drupal Canvas: from 0.0.0 before 1.0.4...

4.8CVSS0.00138EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/04 8:26 p.m.3 views

CVE-2026-0948 Microsoft Entra ID SSO Login - Critical - Access bypass - SA-CONTRIB-2026-005

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Microsoft Entra ID SSO Login allows Privilege Escalation.This issue affects Microsoft Entra ID SSO Login: from 0.0.0 before 1.0.4...

5.3AI score0.002EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/07 5:32 p.m.3 views

CVE-2025-62033

Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through 1.0.4...

6.5CVSS7AI score0.00275EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/07 5:32 p.m.7 views

CVE-2025-62037

Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through 1.0.4...

6.5CVSS7AI score0.00303EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.5 views

PT-2025-45304

Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through 1.0.4...

6.5CVSS7AI score0.00303EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/21 6:0 a.m.16 views

CVE-2025-10916 FormGent < 1.0.4 - Unauthenticated Arbitrary File Deletion

The FormGent WordPress plugin before 1.0.4 is vulnerable to arbitrary file deletion due to insufficient file path validation. This makes it possible for unauthenticated attackers to delete arbitrary files on the server...

0.0031EPSS
Exploits0References1
OSV
OSV
added 2025/03/23 3:15 p.m.2 views

CVE-2025-2691

Versions of the package nossrf before 1.0.4 are vulnerable to Server-Side Request Forgery SSRF where an attacker can provide a hostname that resolves to a local or reserved IP address space and bypass the SSRF protection mechanism...

9.1CVSS5.8AI score0.00365EPSS
Exploits1References1
Rows per page
Query Builder