Lucene search
K

11 matches found

EUVD
EUVD
added 2026/05/14 8:24 a.m.17 views

EUVD-2026-30257

The User Registration & Membership plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 5.1.5. This is due to the isadmincreationprocess method relying solely on the presence of action=createuser in the $REQUEST superglobal without performing any...

5.3CVSS5.8AI score0.00445EPSS
Exploits1References2
NVD
NVD
added 2026/04/24 1:16 a.m.2 views

CVE-2026-41325

Kirby is an open-source content management system. Kirby's user permissions control which user role is allowed to perform specific actions to content models in the CMS. These permissions are defined for each role in the user blueprint site/blueprints/users/.... It is also possible to customize th...

8.8CVSS0.00363EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/24 12:38 a.m.6 views

EUVD-2026-25371

Kirby is an open-source content management system. Kirby's user permissions control which user role is allowed to perform specific actions to content models in the CMS. These permissions are defined for each role in the user blueprint site/blueprints/users/.... It is also possible to customize th...

7.1CVSS5.6AI score0.00363EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-23618

Malicious code in bioql PyPI...

5.8CVSS5.1AI score0.00611EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 12:23 a.m.13 views

CVE-2022-48343

In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the user creation process...

6.1CVSS6AI score0.59462EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 2:15 p.m.6 views

UBUNTU-CVE-2024-56543

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Skip Rx TID cleanup for self peer During peer create, dp setup for the peer is done where Rx TID is updated for all the TIDs. Peer object for self peer will not go through dp setup. When core halts, dp cleanup is do...

5.5CVSS6.5AI score0.00211EPSS
Exploits0References19
Packet Storm
Packet Storm
added 2024/03/19 12:0 a.m.230 views

WEBIGniter 28.7.23 Cross Site Scripting

Title: WEBIGniter v28.7.23 XSS Author: RedTeamer IT Security, Mesut Cetin Date: 09/04/2023 Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/cross-site-scripting/stored Description: During the user creation process, the 'yourname...

7.4AI score
Exploits0
OSV
OSV
added 2024/01/15 4:15 p.m.1 views

CVE-2024-0315

Remote file inclusion vulnerability in FireEye Central Management affecting version 9.1.1.956704. This vulnerability allows an attacker to upload a malicious PDF file to the system during the report creation process...

7.8CVSS5.8AI score0.00325EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/02/23 3:44 p.m.11 views

CVE-2022-48343

In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the user creation process...

5.4CVSS6AI score0.59462EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/03/03 10:15 p.m.5 views

CVE-2022-25220

PeteReport Version 0.5 allows an authenticated admin user to inject persistent JavaScript code inside the markdown descriptions while creating a product, report or finding...

4.8CVSS5.9AI score0.00548EPSS
Exploits1References3
Code423n4
Code423n4
added 2021/11/18 12:0 a.m.8 views

Does not check uniqueness of ShareHolder

Handle hack3r-0m Vulnerability details does not check if there is already a shareholder before creating a new shareholder. this will cause an issue in findShareHolder since it will return the first shareholder in the array while there are more than one. --- The text was updated successfully, but...

6.9AI score
Exploits0
Rows per page
Query Builder