DomainMOD 4.13.0 - Cross-Site Scripting
DomainMOD 4.13.0 is vulnerable to cross-site scripting via reporting/domains/cost-by-owner.php in the "or Expiring Between" parameter. id: CVE-2020-20988 info: name: DomainMOD 4.13.0 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.13.0 is vulnerable to...
Cost Calculator Builder <= 3.2.15 - SQL Injection
The Cost Calculator Builder plugin for WordPress is vulnerable to SQL Injection via discount codes in versions up to, and including, 3.2.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2026-44734
OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, a Missing Authorization vulnerability exists in OpenProject's CostReportsController. The rename and update actions allow any authenticated user to modify the name, filters, and grouping of any Public co...
CVE-2026-44734
CVE-2026-44734 affects OpenProject prior to 17.3.2 and 17.4.0. A Missing Authorization flaw in CostReportsController allows any authenticated user to rename/update public cost reports (name, filters, grouping) without ownership or permission checks. An attacker who guesses a public report ID can ...
CVE-2026-44734 OpenProject: Improper Access Control on OpenProject through the POST request to /projects/[PROJECT_NAME]/cost_reports/[REPORT_ID]/rename
OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, a Missing Authorization vulnerability exists in OpenProject's CostReportsController. The rename and update actions allow any authenticated user to modify the name, filters, and grouping of any Public co...
CVE-2026-54847
Unauthenticated Broken Access Control in Stylish Cost Calculator <= 8.3.9 versions...
EUVD-2026-39684
Unauthenticated Broken Access Control in Stylish Cost Calculator <= 8.3.9 versions...
CVE-2026-54847
The CVE-2026-54847 entry concerns the WordPress plugin “Stylish Cost Calculator” (versions
CVE-2026-54847 WordPress Stylish Cost Calculator plugin <= 8.3.9 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Stylish Cost Calculator <= 8.3.9 versions...
CVE-2026-54892
Inefficient algorithmic complexity in Plug's nested-parameter decoder allows an unauthenticated remote attacker to cause denial of service. Plug.Conn.Query.decode/4 and Plug.Conn.Query.decode_each/2 parse query strings and application/x-www-form-urlencoded request bodies. When a key contains many...
Important: Red Hat Security Advisory: Cost Management Metrics Operator Update
Cost Management Metrics Operator version 4.4.1 release. The Cost Management Metrics Operator is a component of the Red Hat Cost Management service for OpenShift. The operator runs on the latest supported versions of OpenShift. This operator obtains OpenShift usage data by querying Prometheus every...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fixed the divide by 0 error in calc_lcoefs. The issue arises when the value of u64 type is used in the DIV_ROUND_UP_ULL operation. A divide by 0 error can occur if bps plus IOC_PAGE_SIZE is greater than ULLONG_MAX. This could...
EUVD-2026-37957
Exposure of sensitive information to an unauthorized actor in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network...
CVE-2026-47633
Exposure of sensitive information to an unauthorized actor in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network...
CVE-2026-47633 Microsoft Cost Management Information Disclosure Vulnerability
...
CVE-2026-47633
CVE-2026-47633 concerns Microsoft Cost Management Interactive Experiences, where an unauthorized actor can access sensitive information over a network. The provided sources indicate exposure of information as the impact, with a CVSS v3.1 base score of 7.5 (High), attack vector Network, no authent...
New Forrester Total Economic Impact™ study projects a 124% ROI from unifying with Microsoft Security
Across many industries, organizations are unifying security and putting AI agents to work. Security teams are utilizing agents that reason, decide, and act on their behalf, under their governance. At Microsoft, we see this firsthand—more than 80% of the Fortune 500 are already using AI.1 The...
WordPress Stylish Cost Calculator plugin <= 8.3.9 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by ParkHyunWoo in WordPress Plugin Stylish Cost Calculator versions <= 8.3.9...