Lucene search
K

4 matches found

CVE
CVE
added yesterday9 views

CVE-2026-12273

The Tutor LMS WordPress plugin before 3.9.13 does not perform any authorization or post-target validation before creating a comment in one of its handlers, and stores the comment pre-approved, allowing authenticated users with subscriber-level access and above to post auto-approved comments...

4.3CVSS6.2AI score0.0014EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/01 9:7 p.m.4 views

Improper Authorization

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Improper Authorization in the overrideStatus request parameter, which is processed by the setStatus function. An attacker can bypass administrative moderation and...

5.3CVSS5.8AI score0.00238EPSS
Exploits1References2
NVD
NVD
added 2009/02/09 6:30 p.m.26 views

CVE-2008-6098

Bugzilla 3.2 before 3.2 RC2, 3.0 before 3.0.6, 2.22 before 2.22.6, 2.20 before 2.20.7, and other versions after 2.17.4 allows remote authenticated users to bypass moderation to approve and disapprove quips via a direct request to quips.cgi with the action parameter set to "approve."...

4CVSS6AI score0.01146EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2009/02/09 6:30 p.m.29 views

CVE-2008-6098

Bugzilla 3.2 before 3.2 RC2, 3.0 before 3.0.6, 2.22 before 2.22.6, 2.20 before 2.20.7, and other versions after 2.17.4 allows remote authenticated users to bypass moderation to approve and disapprove quips via a direct request to quips.cgi with the action parameter set to "approve."...

4CVSS5.9AI score0.01146EPSS
Exploits0References1
Rows per page
Query Builder