Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2026/05/11 10:22 p.m.11 views

CVE-2026-43890

Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.7.0, the subscriptions.create API endpoint in server/routes/api/subscriptions/subscriptions.ts exhibits a broken authorization pattern. When both collectionId and documentId are supplied in the request, the route...

7.7CVSS0.00205EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/11 9:9 p.m.9 views

EUVD-2026-29334

Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.7.0, the subscriptions.create API endpoint in server/routes/api/subscriptions/subscriptions.ts exhibits a broken authorization pattern. When both collectionId and documentId are supplied in the request, the route...

7.7CVSS5.8AI score0.00205EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/13 6:31 p.m.3 views

EUVD-2025-34074

Liferay Publications vulnerable to Authorization Bypass Through User-Controlled Key...

4.8CVSS6.4AI score0.00258EPSS
Exploits0References4
Cvelist
Cvelistadded 2025/10/13 4:53 p.m.6 views

CVE-2025-62244

Insecure direct object reference IDOR vulnerability in Publications in Liferay Portal 7.3.1 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92, and 7.3 GA through update 36 allows remote authenticated attackers to view the edi...

4.8CVSS0.00258EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/10/13 12:0 a.m.3 views

PT-2025-41793

Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.3.1 through 7.4.3.111 Liferay DXP versions 2023.Q3.1 through 2023.Q4.5 Description An insecure direct object reference IDOR exists in the Publications feature. This allows remotely authenticated attackers to view the...

4.8CVSS6.5AI score0.00258EPSS
Exploits0References6
OSV
OSVadded 2025/01/23 12:15 p.m.8 views

CVE-2024-13236

The Tainacan plugin for WordPress is vulnerable to SQL Injection via the 'collectionid' parameter in all versions up to, and including, 0.21.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

6.5CVSS7.2AI score
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/01/23 12:0 a.m.4 views

PT-2025-2083 · WordPress · Tainacan

Name of the Vulnerable Software and Affected Versions: Tainacan plugin for WordPress versions 0.21.12 and earlier Description: The issue arises from insufficient escaping on the user-supplied collection id parameter and a lack of sufficient preparation on the existing SQL query. This allows...

6.5CVSS7.3AI score0.00443EPSS
Exploits0References11
Prion
Prionadded 2018/09/28 12:29 a.m.13 views

Sql injection

SQL Injection exists in the Music Collection 3.0.3 component for Joomla! via the id parameter...

7.5CVSS9.8AI score0.0328EPSS
Exploits5References2Affected Software1
Rows per page
Query Builder