Lucene search
+L

3384 matches found

CVE
CVE
added 2026/05/11 7:52 p.m.20 views

CVE-2026-42884

Summary: Audiobookshelf (self-hosted server) prior to version 2.32.2 exposes collection data across libraries. The GET /api/collections and GET /api/collections/:id endpoints do not verify the requester’s library access, enabling an authenticated user with access to any library to enumerate and r...

4.3CVSS5.8AI score0.00162EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/04 5:44 p.m.11 views

EUVD-2026-27053

Note Mark is an open-source note-taking application. Prior to version 0.19.3, after a note-mark owner soft-deletes a public book, its notes and uploaded assets stay readable at /api/notes/id, /api/notes/id/content, the slug URL, and the asset endpoints. Unauthenticated callers who hold the note I...

5.3CVSS5.7AI score0.00194EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/04 5:44 p.m.8 views

CVE-2026-41572

Note Mark is an open-source note-taking application. Prior to version 0.19.3, after a note-mark owner soft-deletes a public book, its notes and uploaded assets stay readable at /api/notes/id, /api/notes/id/content, the slug URL, and the asset endpoints. Unauthenticated callers who hold the note I...

5.3CVSS5.7AI score0.00194EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/29 2:48 p.m.5 views

CVE-2026-39668

Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through = 1.0.6...

5.3CVSS5.1AI score0.00228EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.10 views

PT-2026-36891

Name of the Vulnerable Software and Affected Versions Note Mark versions prior to 0.19.3 Description An issue exists where notes and uploaded assets remain accessible after a public book is soft-deleted. Unauthenticated users with the note ID or slug path can access data via the endpoints...

5.3CVSS5.8AI score0.00194EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.13 views

WordPress plugin HM Books Gallery 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

5.3CVSS5.8AI score0.00323EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/04/22 3:4 p.m.161 views

Exploit for Insufficiently Protected Credentials in Kyocera Net_Viewer

KyoceraCredsDump - CVE-2022-1026 - Based on the original explo...

8.6CVSS7.2AI score0.15102EPSS
Exploits5
NVD
NVD
added 2026/04/13 2:16 a.m.8 views

CVE-2026-6149

A flaw has been found in code-projects Vehicle Showroom Management System 1.0. Affected by this issue is some unknown functionality of the file /util/BookVehicleFunction.php. Executing a manipulation of the argument BRANCHID can lead to sql injection. The attack may be performed from remote. The...

7.5CVSS0.0035EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/13 1:45 a.m.6 views

EUVD-2026-21776

A flaw has been found in code-projects Vehicle Showroom Management System 1.0. Affected by this issue is some unknown functionality of the file /util/BookVehicleFunction.php. Executing a manipulation of the argument BRANCHID can lead to sql injection. The attack may be performed from remote. The...

7.5CVSS5.7AI score0.0035EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/13 1:45 a.m.3 views

CVE-2026-6149

A flaw has been found in code-projects Vehicle Showroom Management System 1.0. Affected by this issue is some unknown functionality of the file /util/BookVehicleFunction.php. Executing a manipulation of the argument BRANCHID can lead to sql injection. The attack may be performed from remote. The...

7.5CVSS6.9AI score0.0035EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/13 1:45 a.m.2 views

CVE-2026-6149 code-projects Vehicle Showroom Management System BookVehicleFunction.php sql injection

A flaw has been found in code-projects Vehicle Showroom Management System 1.0. Affected by this issue is some unknown functionality of the file /util/BookVehicleFunction.php. Executing a manipulation of the argument BRANCHID can lead to sql injection. The attack may be performed from remote. The...

7.5CVSS6.9AI score0.0035EPSS
Exploits0References5
CVE
CVE
added 2026/04/13 1:45 a.m.21 views

CVE-2026-6149

The CVE concerns code-projects Vehicle Showroom Management System 1.0. Affected component: /util/BookVehicleFunction.php. The vulnerability arises from manipulating the BRANCH_ID argument, enabling SQL injection. Exploitation is possible remotely and an exploit has been published. This is support...

7.5CVSS6.9AI score0.0035EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.8 views

Code-Projects Vehicle Showroom Management System SQL注入漏洞

The Code-Projects Vehicle Showroom Management System is an open-source system for managing automobile showrooms developed by Code-Projects. Version 1.0 of the Code-Projects Vehicle Showroom Management System contains a SQL injection vulnerability. This vulnerability arises from improper handling ...

7.5CVSS7.2AI score0.0035EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/08 9:31 a.m.4 views

EUVD-2026-20342

Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through = 1.0.6...

5.3CVSS5.9AI score0.00228EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 9:16 a.m.3 views

CVE-2026-39668

Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through = 1.0.6...

5.3CVSS0.00228EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/08 8:30 a.m.1 views

CVE-2026-39668 WordPress Book Previewer for Woocommerce plugin <= 1.0.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through = 1.0.6...

5.9AI score0.00228EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/08 8:30 a.m.3 views

CVE-2026-39668

Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through = 1.0.6...

5.9AI score0.00228EPSS
Exploits0References2
CVE
CVE
added 2026/04/08 8:30 a.m.9 views

CVE-2026-39668

The CVE-2026-39668 entry covers a Missing Authorization (Broken Access Control) vulnerability in the g5theme Book Previewer for Woocommerce plugin for WordPress, affected through version 1.0.6. The underlying issue is incorrectly configured access control, enabling potential unauthorized access t...

5.3CVSS5.9AI score0.00228EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/08 8:30 a.m.25 views

CVE-2026-39668 WordPress Book Previewer for Woocommerce plugin <= 1.0.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Book Previewer for Woocommerce: from n/a through = 1.0.6...

5.3CVSS0.00228EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.8 views

WordPress plugin Book Previewer for Woocommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

5.3CVSS5.8AI score0.00228EPSS
Exploits0References1
Rows per page
Query Builder