Lucene search
+L

424 matches found

nvd
nvd
added 2026/06/29 3:16 p.m.10 views

CVE-2026-56290

The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE...

10CVSS0.02912EPSS
Exploits5References4
attackerkb
attackerkb
added 2026/06/29 2:31 p.m.8 views

CVE-2026-56290

The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE...

10CVSS5.8AI score0.02912EPSS
Exploits5References2Affected Software1
vulnrichment
vulnrichment
added 2026/06/29 2:31 p.m.10 views

CVE-2026-56290 Joomla Extension - joomlack.fr - Unauthenticated file upload in Page Builder CK extension < 3.6.0

The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE...

10CVSS5.8AI score0.02912EPSS
Exploits5References1
euvd
euvd
added 2026/06/29 2:31 p.m.10 views

EUVD-2026-40121

The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE...

10CVSS5.8AI score0.02912EPSS
Exploits5References1
cvelist
cvelist
added 2026/06/29 2:31 p.m.63 views

CVE-2026-56290 Joomla Extension - joomlack.fr - Unauthenticated file upload in Page Builder CK extension < 3.6.0

The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE...

10CVSS0.02912EPSS
Exploits5References1
cve
cve
added 2026/06/29 2:31 p.m.337 views

CVE-2026-56290

CVE-2026-56290 affects Joomla Page Builder CK (com_pagebuilderck). The root cause is an unauthenticated file upload path via browse.ajaxAddPicture that accepts a user-controlled destination with only trivial sanitization and no authentication gate, enabling an attacker to upload PHP/executable fi...

10CVSS5.8AI score0.02912EPSS
In wildExploits5References4Affected Software1
ptsecurity
ptsecurity
added 2026/06/27 12:0 a.m.10 views

PT-2026-53285

Name of the Vulnerable Software and Affected Versions Page Builder CK extension for Joomla versions prior to 3.6.0 Description An unauthenticated arbitrary file upload flaw exists in the Page Builder CK extension for Joomla due to improper access control and insufficient server-side restrictions ...

10CVSS7.5AI score0.02912EPSS
Exploits5References36
ptsecurity
ptsecurity
added 2026/06/04 12:0 a.m.23 views

PT-2026-46198

Care2x 2.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by manipulating the ck config cookie parameter. Attackers can inject malicious SQL through the ck config cookie in multiple endpoints including login.php,...

8.8CVSS6.1AI score0.00262EPSS
Exploits0References3
githubexploit
githubexploit
added 2026/05/06 9:44 p.m.89 views

cyber-operation-lab

Full-Spectrum Cyber Operation Lab: Red Team Execution & Blue T...

6AI score
Exploits0
osv
osv
added 2026/02/25 6:43 p.m.6 views

DRUPAL-CONTRIB-2026-011

This module enables you to add icons to CKEditor. The module doesn't sufficiently add custom permissions to the dialog and autocomplete routes, allowing full access to the routes in most scenarios...

5.3CVSS5.5AI score0.00223EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-30721

Malicious code in bioql PyPI...

5.9CVSS6.5AI score0.00217EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-52527

Malicious code in bioql PyPI...

7.1CVSS8.9AI score0.00194EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-35514

Malicious code in bioql PyPI...

5.9CVSS6.5AI score0.00276EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/09/23 12:0 a.m.6 views

DNN 安全漏洞

DNN aka DotNetNuke is a Microsoft-supported, open-source content management system CMS based on the ASP.NET platform from the U.S. company DNN. The system is easy to install, scalable, feature-rich and so on. A security vulnerability exists in versions prior to DNN 10.1.0, which stems from...

5.3CVSS6.5AI score0.00246EPSS
Exploits0References1
ossf
ossf
added 2025/08/14 6:52 p.m.3 views

Malicious code in @zalastax/nolb-node-ck (npm)

The package @zalastax/nolb-node-ck was found to contain malicious code...

7AI score
Exploits0
osv
osv
added 2025/08/14 6:52 p.m.1 views

MAL-2025-10917 Malicious code in @zalastax/nolb-ck (npm)

The package @zalastax/nolb-ck was found to contain malicious code...

7.2AI score
Exploits0
osv
osv
added 2025/08/14 6:52 p.m.1 views

MAL-2025-12608 Malicious code in @zalastax/nolb-node-ck (npm)

The package @zalastax/nolb-node-ck was found to contain malicious code...

7.2AI score
Exploits0
ossf
ossf
added 2025/08/14 6:52 p.m.2 views

Malicious code in @zalastax/nolb-ck (npm)

The package @zalastax/nolb-ck was found to contain malicious code...

7AI score
Exploits0
thn
thn
added 2025/06/27 6:31 a.m.9 views

OneClik Red Team Campaign Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors

Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft's ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and gas sectors. "The campaign exhibits characteristics aligned with...

6.7AI score
Exploits0
hackread
hackread
added 2025/06/24 4:23 p.m.8 views

Kali Linux 2025.1c Fixes Key Issue, Adds New Tools and Interface Updates

Kali Linux 2025.1c includes a new signing key to fix update errors, adds new tools, a redesigned menu with MITRE ATT&CK, and major system upgrades...

7.3AI score
Exploits0
Rows per page
Query Builder