Lucene search
K

43755 matches found

Packet Storm
Packet Storm
added 2026/04/13 12:0 a.m.95 views

📄 WBCE CMS 1.6.4 Brute Force

WBCE CMS versions 1.6.4 suffers from a brute force protection bypass vulnerability. CVE-2025-66204: WBCE CMS allows brute-force protection bypass using X-Forwarded-For header Overview | Field | Details | |---|---| | CVE ID | CVE-2025-66204 | | Severity | MEDIUM | | Advisory | View Advisory | |...

8.1CVSS5.8AI score0.00402EPSS
Exploits2
Packet Storm
Packet Storm
added 2026/04/13 12:0 a.m.109 views

📄 WBCE CMS Privilege Escalation / Insecure Direct Object Reference

WBCE CMS versions prior to 1.6.4 suffers from insecure direct object reference and privilege escalation vulnerabilities. CVE-2025-65094: WBCE CMS is Vulnerable to Privilege Escalation via Group ID Manipulation IDOR Overview | Field | Details | |---|---| | CVE ID | CVE-2025-65094 | | Severity | HI...

8.8CVSS5.8AI score0.00331EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/04/13 12:0 a.m.23 views

Amazon Linux 2023 : openssl, openssl-devel, openssl-fips-provider-latest (ALAS2023-2026-1586)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1586 advisory. Potential use-after-free in DANE client code CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt CVE-2026-28388...

8.1CVSS7.4AI score0.00981EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/04/13 12:0 a.m.35 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : OpenSSL vulnerabilities (USN-8155-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8155-1 advisory. Viktor Dukhovni discovered that OpenSSL incorrectly negotiated the expected preferred key exchange group when used as a TLS 1.3 serve...

9.8CVSS8.4AI score0.00981EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.8 views

Code-Projects Simple Content Management System SQL注入漏洞

Code-Projects Simple Content Management System is an open-source simple content management system developed by Code-Projects. Version 1.0 of Code-Projects Simple Content Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of parameter IDs in file...

7.5CVSS7.2AI score0.00313EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.8 views

Code-Projects Simple Content Management System SQL注入漏洞

Code-Projects Simple Content Management System is an open-source simple content management system developed by Code-Projects. Version 1.0 of Code-Projects Simple Content Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the User parameter in...

7.5CVSS7.2AI score0.00313EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2026/04/13 12:0 a.m.91 views

📄 WBCE CMS 1.6.4 SQL Injection

WBCE CMS versions 1.6.4 and below suffer from a remote time-bsed SQL injection vulnerability via the groups parameter. CVE-2025-65950: WBCE CMS is Vulnerable to Time-Based Blind SQL Injection through groups Parameter Overview | Field | Details | |---|---| | CVE ID | CVE-2025-65950 | | Severity |...

9.4CVSS5.9AI score0.00462EPSS
Exploits3
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.7 views

Victor CMS SQL注入漏洞

Victor CMS is an open-source content management system developed by Victor Alagwu in Nigeria. Version 1.0 of Victor CMS has a SQL injection vulnerability, which stems from insufficient input validation for the catid parameter in the category.php file. This vulnerability may lead to SQL injection...

9.8CVSS5.8AI score0.00413EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/04/11 7:14 p.m.113 views

Exploit for Improper Authorization in Wbce Wbce_Cms

CVE-2025-65094: WBCE CMS is Vulnerable to Privilege Escalation...

8.8CVSS5.8AI score0.00331EPSS
Exploits3
GithubExploit
GithubExploit
added 2026/04/11 7:13 p.m.112 views

Exploit for SQL Injection in Wbce Wbce_Cms

CVE-2025-65950: WBCE CMS is Vulnerable to Time-Based Blind SQL...

9.4CVSS6.2AI score0.00462EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2026/04/11 1:21 a.m.4 views

CVE-2026-39389

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.4.0, This vulnerability is fixed in 0.31.4.0...

7.2CVSS5.8AI score0.00471EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/04/11 12:0 a.m.15 views

SUSE SLES12: libopenssl-1_0_0-devel / libopenssl-1_0_0-devel-32bit / etc (SUSE-SU-2026:1256-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1256-1 advisory. - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference When Processing a Delta C...

9.8CVSS7.7AI score0.00981EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/04/11 12:0 a.m.8 views

SUSE SLES12: libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc (SUSE-SU-2026:1255-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1255-1 advisory. - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference When Processing a Delta C...

9.8CVSS7.5AI score0.00885EPSS
Exploits0References13
OSV
OSV
added 2026/04/10 5:11 p.m.4 views

MGASA-2026-0091 Updated openssl packages fix security vulnerabilities

Incorrect Failure Handling in RSA KEM RSASVE Encapsulation. CVE-2026-31790 Potential Use-after-free in DANE Client Code. CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL. CVE-2026-28388 Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo. CVE-2026-28389 Possible...

9.8CVSS5.8AI score0.00981EPSS
Exploits0References3
Mageia
Mageia
added 2026/04/10 5:11 p.m.8 views

Updated openssl packages fix security vulnerabilities

Incorrect Failure Handling in RSA KEM RSASVE Encapsulation. CVE-2026-31790 Potential Use-after-free in DANE Client Code. CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL. CVE-2026-28388 Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo. CVE-2026-28389 Possible...

9.8CVSS5.8AI score0.00981EPSS
Exploits0References2
NVD
NVD
added 2026/04/10 4:16 p.m.6 views

CVE-2026-29002

CouchCMS contains a privilege escalation vulnerability that allows authenticated Admin-level users to create SuperAdmin accounts by tampering with the fklevelslist parameter in user creation requests. Attackers can modify the parameter value from 4 to 10 in the HTTP request body to bypass...

8.6CVSS0.00427EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/04/10 3:11 p.m.5 views

CVE-2026-29002 CouchCMS Privilege Escalation via f_k_levels_list Parameter

CouchCMS contains a privilege escalation vulnerability that allows authenticated Admin-level users to create SuperAdmin accounts by tampering with the fklevelslist parameter in user creation requests. Attackers can modify the parameter value from 4 to 10 in the HTTP request body to bypass...

8.6CVSS5.9AI score0.00427EPSS
Exploits1References3
SUSE Linux
SUSE Linux
added 2026/04/10 3:6 p.m.4 views

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo...

7.3CVSS6.1AI score0.00981EPSS
Exploits0References20
OSV
OSV
added 2026/04/10 3:6 p.m.4 views

SUSE-SU-2026:1257-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. - CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInf...

9.8CVSS6.1AI score0.00981EPSS
Exploits0References11
SUSE Linux
SUSE Linux
added 2026/04/10 2:57 p.m.7 views

Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo...

7.3CVSS6.1AI score0.00981EPSS
Exploits0References20
Rows per page
Query Builder